dependabot[bot] opened a new pull request, #2781: URL: https://github.com/apache/causeway/pull/2781
Bumps `shiro.version` from 1.13.0 to 2.0.2. Updates `org.apache.shiro:shiro-core` from 1.13.0 to 2.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/shiro/releases";>org.apache.shiro:shiro-core's releases</a>.</em></p> <blockquote> <h2>Apache Shiro 2.0.2</h2> <h2>Enhancements</h2> <ul> <li><a href="https://redirect.github.com/apache/shiro/issues/1381";>#1381</a> enh: Build on JDK 22 by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1530";>apache/shiro#1530</a></li> <li><a href="https://redirect.github.com/apache/shiro/issues/1762";>#1762</a> enh: follow desired request scheme when doing redirection by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1727";>apache/shiro#1727</a></li> <li>enh(jakarta,it-tests): no longer relying on hardcoded https port in t… by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1808";>apache/shiro#1808</a></li> </ul> <h2>Bug fixes</h2> <ul> <li>[SHIRO-875] Fix creating subjects from a <code>SubjectFactory</code> that disables session-creation by <a href="https://github.com/boris-petrov";><code>@boris-petrov</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1514";>apache/shiro#1514</a></li> <li>bugfix(deps): remove junit bom from root by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1690";>apache/shiro#1690</a></li> </ul> <h2>Maintenance Tasks</h2> <ul> <li>chore: re-enabled API compatibility check plugin by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1652";>apache/shiro#1652</a></li> <li>enh(checkstyle): disable method name validation for test classes by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1650";>apache/shiro#1650</a></li> </ul> <h2>Dependency updates</h2> <ul> <li>update quartz to 2.4.0-rc2, fix CVE-2023-39017 by <a href="https://github.com/minchai23";><code>@minchai23</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1498";>apache/shiro#1498</a></li> <li>chore(deps): bump org.quartz-scheduler:quartz from 2.4.0-rc2 to 2.5.0-rc1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1503";>apache/shiro#1503</a></li> <li>chore(deps-dev): bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1505";>apache/shiro#1505</a></li> <li>chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.6.14 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1506";>apache/shiro#1506</a></li> <li>chore(deps): bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1504";>apache/shiro#1504</a></li> <li>chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.14 to 1.7.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1508";>apache/shiro#1508</a></li> <li>chore(deps): bump bytebuddy.version from 1.14.16 to 1.14.17 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1509";>apache/shiro#1509</a></li> <li>chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1511";>apache/shiro#1511</a></li> <li>chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1515";>apache/shiro#1515</a></li> <li>chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.3 to 5.5.4 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1518";>apache/shiro#1518</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1519";>apache/shiro#1519</a></li> <li>chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1520";>apache/shiro#1520</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.4.0 to 3.4.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1522";>apache/shiro#1522</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1523";>apache/shiro#1523</a></li> <li>chore(deps): bump org.htmlunit:htmlunit from 4.1.0 to 4.2.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1524";>apache/shiro#1524</a></li> <li>chore(deps-dev): bump org.easymock:easymock from 5.2.0 to 5.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1527";>apache/shiro#1527</a></li> <li>chore(deps): bump org.apache.commons:commons-configuration2 from 2.10.1 to 2.11.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1528";>apache/shiro#1528</a></li> <li>chore(deps): bump github/codeql-action from 3.25.8 to 3.25.9 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1533";>apache/shiro#1533</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1534";>apache/shiro#1534</a></li> <li>chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1535";>apache/shiro#1535</a></li> <li>chore(deps): bump spring.version from 5.3.36 to 5.3.37 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1539";>apache/shiro#1539</a></li> <li>chore(deps): bump github/codeql-action from 3.25.9 to 3.25.10 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1536";>apache/shiro#1536</a></li> <li>deps: updated javassist to latest by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1545";>apache/shiro#1545</a></li> <li>chore(deps-dev): bump tomcat.version from 10.1.24 to 10.1.25 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1546";>apache/shiro#1546</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-scm-publish-plugin from 3.2.1 to 3.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1553";>apache/shiro#1553</a></li> <li>chore(deps): bump junit.version from 5.10.2 to 5.10.3 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1555";>apache/shiro#1555</a></li> <li>chore(deps): bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1556";>apache/shiro#1556</a></li> <li>chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1557";>apache/shiro#1557</a></li> <li>chore(deps): bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1558";>apache/shiro#1558</a></li> <li>chore(deps): bump org.owasp:dependency-check-maven from 9.2.0 to 10.0.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1564";>apache/shiro#1564</a></li> <li>chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1562";>apache/shiro#1562</a></li> <li>chore(deps): bump groovy.version from 4.0.21 to 4.0.22 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1563";>apache/shiro#1563</a></li> <li>chore(deps): bump org.owasp:dependency-check-maven from 10.0.0 to 10.0.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1565";>apache/shiro#1565</a></li> <li>chore(deps): bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1567";>apache/shiro#1567</a></li> <li>chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.0.0 to 3.1.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1568";>apache/shiro#1568</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/apache/shiro/blob/main/RELEASE-NOTES";>org.apache.shiro:shiro-core's changelog</a>.</em></p> <blockquote> <h1>Licensed to the Apache Software Foundation (ASF) under one</h1> <h1>or more contributor license agreements. See the NOTICE file</h1> <h1>distributed with this work for additional information</h1> <h1>regarding copyright ownership. The ASF licenses this file</h1> <h1>to you under the Apache License, Version 2.0 (the</h1> <h1>"License"); you may not use this file except in compliance</h1> <h1>with the License. You may obtain a copy of the License at</h1> <h1></h1> <h1><a href="http://www.apache.org/licenses/LICENSE-2.0";>http://www.apache.org/licenses/LICENSE-2.0</a></h1> <h1></h1> <h1>Unless required by applicable law or agreed to in writing,</h1> <h1>software distributed under the License is distributed on an</h1> <h1>"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</h1> <h1>KIND, either express or implied. See the License for the</h1> <h1>specific language governing permissions and limitations</h1> <h1>under the License.</h1> <p>This is not an official release notes document. It exists for Shiro developers to jot down their notes while working in the source code. These notes will be combined with Jira’s auto-generated release notes during a release for the total set.</p> <p>###########################################################</p> <h1>2.0.0</h1> <p>###########################################################</p> <p>Improvement</p> <pre><code>[SHIRO-290] Implement bcrypt and argon2 KDF algorithms </code></pre> <h2>Backwards Incompatible Changes</h2> <ul> <li>Changed default DefaultPasswordService.java algorithm to "Argon2id".</li> <li>PasswordService.encryptPassword(Object plaintext) will now throw a NullPointerException on null parameter. It was never specified how this method would behave.</li> <li>Made salt non-nullable.</li> <li>Removed methods in PasswordMatcher.</li> </ul> <p>###########################################################</p> <h1>1.7.1</h1> <p>###########################################################</p> <p>Bug</p> <pre><code>[SHIRO-797] - Shiro 1.7.0 is lower than using springboot version 2.0.7 dependency error </code></pre> <p>###########################################################</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/shiro/commit/e7ef2cafa92defb173a2e40e51c133826745bb63";><code>e7ef2ca</code></a> [maven-release-plugin] prepare release shiro-root-2.0.2</li> <li><a href="https://github.com/apache/shiro/commit/f30d5151c06d1c8fd49f3fe7d8108d3b5c46a33b";><code>f30d515</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1865";>#1865</a> from apache/dependabot/maven/org.htmlunit-htmlunit-4...</li> <li><a href="https://github.com/apache/shiro/commit/76e97a175939e549e46c6d0e1741f1b3be8df5a9";><code>76e97a1</code></a> chore(deps): bump org.htmlunit:htmlunit from 4.5.0 to 4.6.0</li> <li><a href="https://github.com/apache/shiro/commit/cef1b05e9deba8ca045ac878703239e98f363215";><code>cef1b05</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1864";>#1864</a> from apache/dependabot/maven/org.apache.maven.skins-...</li> <li><a href="https://github.com/apache/shiro/commit/2c548b12ab6530fa5ee7429d0097ed59c1e91569";><code>2c548b1</code></a> chore(deps): bump org.apache.maven.skins:maven-fluido-skin</li> <li><a href="https://github.com/apache/shiro/commit/45020fc4f67f125ca9622724fde0a480a8d9c22b";><code>45020fc</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1855";>#1855</a> from apache/dependabot/maven/bytebuddy.version-1.15.10</li> <li><a href="https://github.com/apache/shiro/commit/60871ea9130f444a318a08e1d324167b56934940";><code>60871ea</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1856";>#1856</a> from apache/dependabot/maven/org.hsqldb-hsqldb-2.7.4</li> <li><a href="https://github.com/apache/shiro/commit/405f54a89c30f5f6dce30bf346b5be53eb1686aa";><code>405f54a</code></a> chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4</li> <li><a href="https://github.com/apache/shiro/commit/ebc62af71a9db45085cdba6005329a6f53a82dfb";><code>ebc62af</code></a> chore(deps): bump bytebuddy.version from 1.15.7 to 1.15.10</li> <li><a href="https://github.com/apache/shiro/commit/3795f3005f4353af718fd6940b67c42dad4b11ad";><code>3795f30</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1854";>#1854</a> from apache/dependabot/maven/com.puppycrawl.tools-ch...</li> <li>Additional commits viewable in <a href="https://github.com/apache/shiro/compare/shiro-root-1.13.0...shiro-root-2.0.2";>compare view</a></li> </ul> </details> <br /> Updates `org.apache.shiro:shiro-web` from 1.13.0 to 2.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/shiro/releases";>org.apache.shiro:shiro-web's releases</a>.</em></p> <blockquote> <h2>Apache Shiro 2.0.2</h2> <h2>Enhancements</h2> <ul> <li><a href="https://redirect.github.com/apache/shiro/issues/1381";>#1381</a> enh: Build on JDK 22 by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1530";>apache/shiro#1530</a></li> <li><a href="https://redirect.github.com/apache/shiro/issues/1762";>#1762</a> enh: follow desired request scheme when doing redirection by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1727";>apache/shiro#1727</a></li> <li>enh(jakarta,it-tests): no longer relying on hardcoded https port in t… by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1808";>apache/shiro#1808</a></li> </ul> <h2>Bug fixes</h2> <ul> <li>[SHIRO-875] Fix creating subjects from a <code>SubjectFactory</code> that disables session-creation by <a href="https://github.com/boris-petrov";><code>@boris-petrov</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1514";>apache/shiro#1514</a></li> <li>bugfix(deps): remove junit bom from root by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1690";>apache/shiro#1690</a></li> </ul> <h2>Maintenance Tasks</h2> <ul> <li>chore: re-enabled API compatibility check plugin by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1652";>apache/shiro#1652</a></li> <li>enh(checkstyle): disable method name validation for test classes by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1650";>apache/shiro#1650</a></li> </ul> <h2>Dependency updates</h2> <ul> <li>update quartz to 2.4.0-rc2, fix CVE-2023-39017 by <a href="https://github.com/minchai23";><code>@minchai23</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1498";>apache/shiro#1498</a></li> <li>chore(deps): bump org.quartz-scheduler:quartz from 2.4.0-rc2 to 2.5.0-rc1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1503";>apache/shiro#1503</a></li> <li>chore(deps-dev): bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1505";>apache/shiro#1505</a></li> <li>chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.6.14 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1506";>apache/shiro#1506</a></li> <li>chore(deps): bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1504";>apache/shiro#1504</a></li> <li>chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.14 to 1.7.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1508";>apache/shiro#1508</a></li> <li>chore(deps): bump bytebuddy.version from 1.14.16 to 1.14.17 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1509";>apache/shiro#1509</a></li> <li>chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1511";>apache/shiro#1511</a></li> <li>chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1515";>apache/shiro#1515</a></li> <li>chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.3 to 5.5.4 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1518";>apache/shiro#1518</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1519";>apache/shiro#1519</a></li> <li>chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1520";>apache/shiro#1520</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.4.0 to 3.4.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1522";>apache/shiro#1522</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1523";>apache/shiro#1523</a></li> <li>chore(deps): bump org.htmlunit:htmlunit from 4.1.0 to 4.2.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1524";>apache/shiro#1524</a></li> <li>chore(deps-dev): bump org.easymock:easymock from 5.2.0 to 5.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1527";>apache/shiro#1527</a></li> <li>chore(deps): bump org.apache.commons:commons-configuration2 from 2.10.1 to 2.11.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1528";>apache/shiro#1528</a></li> <li>chore(deps): bump github/codeql-action from 3.25.8 to 3.25.9 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1533";>apache/shiro#1533</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1534";>apache/shiro#1534</a></li> <li>chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1535";>apache/shiro#1535</a></li> <li>chore(deps): bump spring.version from 5.3.36 to 5.3.37 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1539";>apache/shiro#1539</a></li> <li>chore(deps): bump github/codeql-action from 3.25.9 to 3.25.10 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1536";>apache/shiro#1536</a></li> <li>deps: updated javassist to latest by <a href="https://github.com/lprimak";><code>@lprimak</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1545";>apache/shiro#1545</a></li> <li>chore(deps-dev): bump tomcat.version from 10.1.24 to 10.1.25 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1546";>apache/shiro#1546</a></li> <li>chore(deps): bump org.apache.maven.plugins:maven-scm-publish-plugin from 3.2.1 to 3.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1553";>apache/shiro#1553</a></li> <li>chore(deps): bump junit.version from 5.10.2 to 5.10.3 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1555";>apache/shiro#1555</a></li> <li>chore(deps): bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1556";>apache/shiro#1556</a></li> <li>chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1557";>apache/shiro#1557</a></li> <li>chore(deps): bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1558";>apache/shiro#1558</a></li> <li>chore(deps): bump org.owasp:dependency-check-maven from 9.2.0 to 10.0.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1564";>apache/shiro#1564</a></li> <li>chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1562";>apache/shiro#1562</a></li> <li>chore(deps): bump groovy.version from 4.0.21 to 4.0.22 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1563";>apache/shiro#1563</a></li> <li>chore(deps): bump org.owasp:dependency-check-maven from 10.0.0 to 10.0.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1565";>apache/shiro#1565</a></li> <li>chore(deps): bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1567";>apache/shiro#1567</a></li> <li>chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.0.0 to 3.1.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/shiro/pull/1568";>apache/shiro#1568</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/apache/shiro/blob/main/RELEASE-NOTES";>org.apache.shiro:shiro-web's changelog</a>.</em></p> <blockquote> <h1>Licensed to the Apache Software Foundation (ASF) under one</h1> <h1>or more contributor license agreements. See the NOTICE file</h1> <h1>distributed with this work for additional information</h1> <h1>regarding copyright ownership. The ASF licenses this file</h1> <h1>to you under the Apache License, Version 2.0 (the</h1> <h1>"License"); you may not use this file except in compliance</h1> <h1>with the License. You may obtain a copy of the License at</h1> <h1></h1> <h1><a href="http://www.apache.org/licenses/LICENSE-2.0";>http://www.apache.org/licenses/LICENSE-2.0</a></h1> <h1></h1> <h1>Unless required by applicable law or agreed to in writing,</h1> <h1>software distributed under the License is distributed on an</h1> <h1>"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</h1> <h1>KIND, either express or implied. See the License for the</h1> <h1>specific language governing permissions and limitations</h1> <h1>under the License.</h1> <p>This is not an official release notes document. It exists for Shiro developers to jot down their notes while working in the source code. These notes will be combined with Jira’s auto-generated release notes during a release for the total set.</p> <p>###########################################################</p> <h1>2.0.0</h1> <p>###########################################################</p> <p>Improvement</p> <pre><code>[SHIRO-290] Implement bcrypt and argon2 KDF algorithms </code></pre> <h2>Backwards Incompatible Changes</h2> <ul> <li>Changed default DefaultPasswordService.java algorithm to "Argon2id".</li> <li>PasswordService.encryptPassword(Object plaintext) will now throw a NullPointerException on null parameter. It was never specified how this method would behave.</li> <li>Made salt non-nullable.</li> <li>Removed methods in PasswordMatcher.</li> </ul> <p>###########################################################</p> <h1>1.7.1</h1> <p>###########################################################</p> <p>Bug</p> <pre><code>[SHIRO-797] - Shiro 1.7.0 is lower than using springboot version 2.0.7 dependency error </code></pre> <p>###########################################################</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/shiro/commit/e7ef2cafa92defb173a2e40e51c133826745bb63";><code>e7ef2ca</code></a> [maven-release-plugin] prepare release shiro-root-2.0.2</li> <li><a href="https://github.com/apache/shiro/commit/f30d5151c06d1c8fd49f3fe7d8108d3b5c46a33b";><code>f30d515</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1865";>#1865</a> from apache/dependabot/maven/org.htmlunit-htmlunit-4...</li> <li><a href="https://github.com/apache/shiro/commit/76e97a175939e549e46c6d0e1741f1b3be8df5a9";><code>76e97a1</code></a> chore(deps): bump org.htmlunit:htmlunit from 4.5.0 to 4.6.0</li> <li><a href="https://github.com/apache/shiro/commit/cef1b05e9deba8ca045ac878703239e98f363215";><code>cef1b05</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1864";>#1864</a> from apache/dependabot/maven/org.apache.maven.skins-...</li> <li><a href="https://github.com/apache/shiro/commit/2c548b12ab6530fa5ee7429d0097ed59c1e91569";><code>2c548b1</code></a> chore(deps): bump org.apache.maven.skins:maven-fluido-skin</li> <li><a href="https://github.com/apache/shiro/commit/45020fc4f67f125ca9622724fde0a480a8d9c22b";><code>45020fc</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1855";>#1855</a> from apache/dependabot/maven/bytebuddy.version-1.15.10</li> <li><a href="https://github.com/apache/shiro/commit/60871ea9130f444a318a08e1d324167b56934940";><code>60871ea</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1856";>#1856</a> from apache/dependabot/maven/org.hsqldb-hsqldb-2.7.4</li> <li><a href="https://github.com/apache/shiro/commit/405f54a89c30f5f6dce30bf346b5be53eb1686aa";><code>405f54a</code></a> chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4</li> <li><a href="https://github.com/apache/shiro/commit/ebc62af71a9db45085cdba6005329a6f53a82dfb";><code>ebc62af</code></a> chore(deps): bump bytebuddy.version from 1.15.7 to 1.15.10</li> <li><a href="https://github.com/apache/shiro/commit/3795f3005f4353af718fd6940b67c42dad4b11ad";><code>3795f30</code></a> Merge pull request <a href="https://redirect.github.com/apache/shiro/issues/1854";>#1854</a> from apache/dependabot/maven/com.puppycrawl.tools-ch...</li> <li>Additional commits viewable in <a href="https://github.com/apache/shiro/compare/shiro-root-1.13.0...shiro-root-2.0.2";>compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@causeway.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
