Re: [PR] Remove h from ESCAPED_CHARS in JsonMapObjectReaderWriter [cxf]
reta merged PR #1872: URL: https://github.com/apache/cxf/pull/1872 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] fips support [cxf]
ffang opened a new pull request, #1893: URL: https://github.com/apache/cxf/pull/1893 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] fips support [cxf]
jgoodyear commented on PR #1893: URL: https://github.com/apache/cxf/pull/1893#issuecomment-2132385037 To help provide some testing of this PR , does one need to enable a profile or another parameter to test all the FIPS test cases or its all included in mvn install ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] fips support [cxf]
ffang commented on PR #1893: URL: https://github.com/apache/cxf/pull/1893#issuecomment-2132386103 what I have done in this PR 1. introduce a system property "fips.enabled", when it's true, switch the security algorithms which are not allowed in fips to fips compliant ones. Mainly they are from AES_CBC to AES_GCM; from RSA_OAEP to RSA1_5. This needs the Apache WSS4J side change also. Please see https://issues.apache.org/jira/browse/WSS-711 The default value of "fips.enabled" is false. So the default behaviour is the same as before. 2. A maven profile "fips" is introduced. So just run "mvn clean install -Pfips" on a fips enabled machine/jdk should be sufficient. 3. Several fips compliant ws-securitypolicy names are introduced to help easily run in fips mode 4. A lot security related tests are revised to pick up the fips compliant configurations/keys/certs when running tests with fips profile. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] fips support [cxf]
ffang commented on PR #1893: URL: https://github.com/apache/cxf/pull/1893#issuecomment-2132386383 > To help provide some testing of this PR , does one need to enable a profile or another parameter to test all the FIPS test cases or its all included in mvn install ? Hi @jgoodyear , A maven profile "fips" is introduced. So just run "mvn clean install -Pfips" on a fips enabled machine/jdk should be sufficient. Cheers Freeman -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] fips support [cxf]
jgoodyear commented on PR #1893: URL: https://github.com/apache/cxf/pull/1893#issuecomment-2132391706 Is there a FIPS enabled build host on Apache infra? (CXF has ubuntu and windows test hosts, would be nice if the FIPS paths are regularly tested as well). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.maven:maven-compat from 3.9.6 to 3.9.7 [cxf-xjc-utils]
dependabot[bot] opened a new pull request, #141: URL: https://github.com/apache/cxf-xjc-utils/pull/141 Bumps [org.apache.maven:maven-compat](https://github.com/apache/maven) from 3.9.6 to 3.9.7. Commits https://github.com/apache/maven/commit/8b094c9513efc1b9ce2d952b3b9c8eaedaf8cbf0";>8b094c9 [maven-release-plugin] prepare release maven-3.9.7 https://github.com/apache/maven/commit/6ff3a821e73ad5fa3fa30e40c51b161139573c15";>6ff3a82 [MNG-8125][MNG-8126][MNG-8127] Mild updates (https://redirect.github.com/apache/maven/issues/1533";>#1533) https://github.com/apache/maven/commit/73bc6caec7fb46d20aeefb29bc6bd00d39fb007e";>73bc6ca [MNG-8121] Fix NPE in metadata merge (https://redirect.github.com/apache/maven/issues/1508";>#1508) https://github.com/apache/maven/commit/558ae8a924440c57d7033ce039246d9b176d572b";>558ae8a [MNG-8115] Upgrade minimal set of dependencies (https://redirect.github.com/apache/maven/issues/1496";>#1496) https://github.com/apache/maven/commit/c44304fe33e091be2a4b6a5d65f06ba777a692a0";>c44304f [MNG-8118] Backport to Maven 3.9.x (https://redirect.github.com/apache/maven/issues/1505";>#1505) https://github.com/apache/maven/commit/c1c114dbf98f77eefacb5aa6887645e4de9f069c";>c1c114d [MNG-8081] Interpolate available properties during default profile selection ... https://github.com/apache/maven/commit/b4cbda8cb98ed1e72119d41095b9831ebd0fba86";>b4cbda8 [3.9.x][MNG-8109] Resolver 1.9.20 (https://redirect.github.com/apache/maven/issues/1490";>#1490) https://github.com/apache/maven/commit/bc52363d402f14043e2e4efed40799044cdf531b";>bc52363 [3.9.x][MNG-8106] Fix metadata merge (https://redirect.github.com/apache/maven/issues/1480";>#1480) https://github.com/apache/maven/commit/587e99bc70132f71d69305bcb7217ec5e151c25e";>587e99b [MNG-8094] Resolver 1.9.19 (https://redirect.github.com/apache/maven/issues/1468";>#1468) https://github.com/apache/maven/commit/548459b1a96b79d5e5917af17a0248954deaaa3f";>548459b [MNG-8011] Neuter the README (https://redirect.github.com/apache/maven/issues/1470";>#1470) Additional commits viewable in https://github.com/apache/maven/compare/maven-3.9.6...maven-3.9.7";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.maven:maven-plugin-api from 3.9.6 to 3.9.7 [cxf-xjc-utils]
dependabot[bot] opened a new pull request, #142: URL: https://github.com/apache/cxf-xjc-utils/pull/142 Bumps [org.apache.maven:maven-plugin-api](https://github.com/apache/maven) from 3.9.6 to 3.9.7. Commits https://github.com/apache/maven/commit/8b094c9513efc1b9ce2d952b3b9c8eaedaf8cbf0";>8b094c9 [maven-release-plugin] prepare release maven-3.9.7 https://github.com/apache/maven/commit/6ff3a821e73ad5fa3fa30e40c51b161139573c15";>6ff3a82 [MNG-8125][MNG-8126][MNG-8127] Mild updates (https://redirect.github.com/apache/maven/issues/1533";>#1533) https://github.com/apache/maven/commit/73bc6caec7fb46d20aeefb29bc6bd00d39fb007e";>73bc6ca [MNG-8121] Fix NPE in metadata merge (https://redirect.github.com/apache/maven/issues/1508";>#1508) https://github.com/apache/maven/commit/558ae8a924440c57d7033ce039246d9b176d572b";>558ae8a [MNG-8115] Upgrade minimal set of dependencies (https://redirect.github.com/apache/maven/issues/1496";>#1496) https://github.com/apache/maven/commit/c44304fe33e091be2a4b6a5d65f06ba777a692a0";>c44304f [MNG-8118] Backport to Maven 3.9.x (https://redirect.github.com/apache/maven/issues/1505";>#1505) https://github.com/apache/maven/commit/c1c114dbf98f77eefacb5aa6887645e4de9f069c";>c1c114d [MNG-8081] Interpolate available properties during default profile selection ... https://github.com/apache/maven/commit/b4cbda8cb98ed1e72119d41095b9831ebd0fba86";>b4cbda8 [3.9.x][MNG-8109] Resolver 1.9.20 (https://redirect.github.com/apache/maven/issues/1490";>#1490) https://github.com/apache/maven/commit/bc52363d402f14043e2e4efed40799044cdf531b";>bc52363 [3.9.x][MNG-8106] Fix metadata merge (https://redirect.github.com/apache/maven/issues/1480";>#1480) https://github.com/apache/maven/commit/587e99bc70132f71d69305bcb7217ec5e151c25e";>587e99b [MNG-8094] Resolver 1.9.19 (https://redirect.github.com/apache/maven/issues/1468";>#1468) https://github.com/apache/maven/commit/548459b1a96b79d5e5917af17a0248954deaaa3f";>548459b [MNG-8011] Neuter the README (https://redirect.github.com/apache/maven/issues/1470";>#1470) Additional commits viewable in https://github.com/apache/maven/compare/maven-3.9.6...maven-3.9.7";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven:maven-compat from 3.9.6 to 3.9.7 [cxf-xjc-utils]
reta merged PR #141: URL: https://github.com/apache/cxf-xjc-utils/pull/141 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven:maven-plugin-api from 3.9.6 to 3.9.7 [cxf-xjc-utils]
reta merged PR #142: URL: https://github.com/apache/cxf-xjc-utils/pull/142 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 3.25.5 to 3.25.6 [cxf]
dependabot[bot] opened a new pull request, #1895: URL: https://github.com/apache/cxf/pull/1895 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.5 to 3.25.6. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers. [UNRELEASED] We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. https://redirect.github.com/github/codeql-action/pull/2306";>#2306 3.25.6 - 20 May 2024 Update default CodeQL bundle version to 2.17.3. https://redirect.github.com/github/codeql-action/pull/2295";>#2295 3.25.5 - 13 May 2024 Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md";>https://github.com/github/codeql-action/blob/main/README.md. https://redirect.github.com/github/codeql-action/pull/2273";>#2273 Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. https://redirect.github.com/github/codeql-action/pull/2274";>#2274 The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. https://redirect.github.com/github/codeql-action/pull/2281";>#2281 3.25.4 - 08 May 2024 Update default CodeQL bundle version to 2.17.2. https://redirect.github.com/github/codeql-action/pull/2270";>#2270 3.25.3 - 25 Apr 2024 Update default CodeQL bundle version to 2.17.1. https://redirect.github.com/github/codeql-action/pull/2247";>#2247 Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. https://redirect.github.com/github/codeql-action/pull/2261";>#2261 3.25.2 - 22 Apr 2024 No user facing changes. 3.25.1 - 17 Apr 2024 We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the autobuild https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes";>build mode. https://redirect.github.com/github/codeql-action/pull/2235";>#2235 Fix a bug where the init Action would fail if --overwrite was specified in CODEQL_ACTION_EXTRA_OPTIONS. https://redirect.github.com/github/codeql-action/pull/2245";>#2245 3.25.0 - 15 Apr 2024 The deprecated feature for extracting dependencies for a Python analysis has been removed. https://redirect.github.com/github/codeql-action/pull/2224";>#2224 As a result, the following inputs and environment variables are now ignored: The setup-python-dependencies input to the init Action The CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION environment variable We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0. Automatically overwrite an existing database if found on the filesystem. https://redirect.github.com/github/codeql-action/pull/2229";>#2229 Bump the minimum CodeQL bundle version to 2.12.6. https://redirect.github.com/github/codeql-action/pull/2232";>#2232 ... (truncated) Commits https://github.com/github/codeql-action/commit/9fdb3e49720b44c48891d036bb502feb25684276";>9fdb3e4 Merge pull request https://redirect.github.com/github/codeql-action/issues/2300";>#2300 from github/update-v3.25.6-63d519c0a https://github.com/github/codeql-action/commit/00792ab1e0a5e45d2ff0c2426424bf7044bb27d0";>00792ab Update changelog for v3.25.6 https://github.com/github/codeql-action/commit/63d519c0ae6a4b739e3377a517400c352a7d829b";>63d519
[PR] Bump org.webjars:swagger-ui from 5.17.2 to 5.17.11 [cxf]
dependabot[bot] opened a new pull request, #1896: URL: https://github.com/apache/cxf/pull/1896 Bumps [org.webjars:swagger-ui](https://github.com/swagger-api/swagger-ui) from 5.17.2 to 5.17.11. Release notes Sourced from https://github.com/swagger-api/swagger-ui/releases";>org.webjars:swagger-ui's releases. Swagger UI v5.17.10 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.9...v5.17.10";>5.17.10 (2024-05-15) Bug Fixes components: add support for oneOf/anyOf JSON Schema keywords in parameter-row rendering (https://redirect.github.com/swagger-api/swagger-ui/issues/9934";>#9934) (https://github.com/swagger-api/swagger-ui/commit/9037acf508beacac1efcb4f39403c203097d193e";>9037acf), closes https://redirect.github.com/swagger-api/swagger-ui/issues/7912";>#7912 oas31: fix initial rendering of the Webhooks section (https://redirect.github.com/swagger-api/swagger-ui/issues/9938";>#9938) (https://github.com/swagger-api/swagger-ui/commit/b5c84f44c733d004c0c6098c840a68f284b80dd3";>b5c84f4), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9937";>#9937 Swagger UI v5.17.9 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.8...v5.17.9";>5.17.9 (2024-05-13) Bug Fixes deps: allow to consolidate deps in downstream projects (https://redirect.github.com/swagger-api/swagger-ui/issues/9930";>#9930) (https://github.com/swagger-api/swagger-ui/commit/335372d7a89c3a109469c0abbb977839d341f203";>335372d), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9929";>#9929 Swagger UI v5.17.8 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.7...v5.17.8";>5.17.8 (2024-05-13) Bug Fixes components: fix rendering for empty examples in responses (https://redirect.github.com/swagger-api/swagger-ui/issues/9926";>#9926) (https://github.com/swagger-api/swagger-ui/commit/94f2d8298a60a6cf29c1be84e622f476c9c1df91";>94f2d82), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9499";>#9499 swagger-client: resolve multiple path parameters with the same name in path templates, closes https://redirect.github.com/swagger-api/swagger-ui/issues/9928";>#9928 Swagger UI v5.17.7 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.6...v5.17.7";>5.17.7 (2024-05-09) Bug Fixes components: render parameter extensions in the description column (https://redirect.github.com/swagger-api/swagger-ui/issues/9883";>#9883) (https://github.com/swagger-api/swagger-ui/commit/1367a8fbdfddd697b8c71493bb09c01baf17d5a3";>1367a8f) json-schema-5: allow collapsing for primitive models (https://redirect.github.com/swagger-api/swagger-ui/issues/9639";>#9639) (https://github.com/swagger-api/swagger-ui/commit/450bb99109fe9601ea2d5b4c173e9007afa25ff5";>450bb99), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9595";>#9595 render null values included in enum (https://redirect.github.com/swagger-api/swagger-ui/issues/9683";>#9683) (https://github.com/swagger-api/swagger-ui/commit/0dd9afadd28f3c7bbd5c1b91fd3be6ad9fec7ddc";>0dd9afa) Swagger UI v5.17.6 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.5...v5.17.6";>5.17.6 (2024-05-07) Bug Fixes swagger-ui-react: display definition defined as YAML or JSON string (https://redirect.github.com/swagger-api/swagger-ui/issues/9918";>#9918) (https://github.com/swagger-api/swagger-ui/commit/6ae2c1fb15cf01a0a67a910edaef4002330cca25";>6ae2c1f), closes https://redirect.github.com/swagger-api/swagger-ui/issues/9915";>#9915 system: allow wrapping components both from presets and plugins (https://redirect.github.com/swagger-api/swagger-ui/issues/9919";>#9919) (https://github.com/swagger-api/swagger-ui/commit/877470b522838a8fab894c9aa2123ce050eac9dd";>877470b), closes https://redirect.github.com/swagger-api/swagger-ui/issues/7232";>#7232 Swagger UI v5.17.5 Released! https://github.com/swagger-api/swagger-ui/compare/v5.17.4...v5.17.5";>5.17.5 (2024-05-06) Bug Fixes ... (truncated) Commits https://github.com/swagger-api/swagger-ui/commit/f8a74007a08913729e51e422081f7970375ca726";>f8a7400 chore(release): cut the v5.17.11 release https://github.com/swagger-api/swagger-ui/commit/04bbeaa68cf53af82ce633f369d6eb579c44d80d";>04bbeaa fix(config): define missing default options and their types (https://redirect.github.com/swagger-api/swagger-ui/issues/9949";>#9949) https://github.com/swagger-api/swagger-ui/commit/10e1a5f1ea3abeb8c9ce0e0af8c860a86484ef41";>10e1a5f fix(swagger-client): fix OpenAPI 3.1.0 dereferencing (https://redirect.github.com/swagger-api/swagger-ui/issues/9950";>#9950) https://github.com/swagger-api/swagger-ui/commit/fddb2e1b54d6f83520518299cc03f292c41d4009";>fddb2e1 chore(deps-dev): bump sinon from 17.0.2 to 18.0.0 (https://redirect.github.com/swagger-api/swagger-ui/issues/9942";>#9942) https://gi
[PR] Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 [cxf]
dependabot[bot] opened a new pull request, #1897: URL: https://github.com/apache/cxf/pull/1897 Bumps [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 3.2.0 to 3.3.0. Release notes Sourced from https://github.com/mojohaus/exec-maven-plugin/releases";>org.codehaus.mojo:exec-maven-plugin's releases. 3.3.0 🚀 New features and improvements Add option to include runtime and provided (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/61";>#61) https://github.com/rehevkor5";>@​rehevkor5 📦 Dependency updates Bump org.codehaus.mojo:mojo-parent from 80 to 82 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/429";>#429) https://github.com/dependabot";>@​dependabot Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/424";>#424) https://github.com/dependabot";>@​dependabot Bump asm.version from 9.6 to 9.7 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/422";>#422) https://github.com/dependabot";>@​dependabot Bump apache/maven-gh-actions-shared from 3 to 4 (https://redirect.github.com/mojohaus/exec-maven-plugin/pull/420";>#420) https://github.com/dependabot";>@​dependabot Commits https://github.com/mojohaus/exec-maven-plugin/commit/366da2fc02116bb26910563df8b27884863a4b91";>366da2f [maven-release-plugin] prepare release 3.3.0 https://github.com/mojohaus/exec-maven-plugin/commit/416c83a3e02038c0f427f9c3c858d66828009c4b";>416c83a Bump org.codehaus.mojo:mojo-parent from 80 to 82 (https://redirect.github.com/mojohaus/exec-maven-plugin/issues/429";>#429) https://github.com/mojohaus/exec-maven-plugin/commit/8d3327f48ad03bc910bc9ce4d203492c7e2af074";>8d3327f Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 https://github.com/mojohaus/exec-maven-plugin/commit/662ab09f6e7e37e79920d2a9a23af9a67d5823ca";>662ab09 Bump asm.version from 9.6 to 9.7 https://github.com/mojohaus/exec-maven-plugin/commit/ec97f4dd03f0393a20bbc810479cb8518af702e9";>ec97f4d Add "provided" classpathScope (runtime+provided) https://github.com/mojohaus/exec-maven-plugin/commit/d18ed80b374f121520a0a82c0922b7c0164ab8ab";>d18ed80 Bump apache/maven-gh-actions-shared from 3 to 4 https://github.com/mojohaus/exec-maven-plugin/commit/f19bde12df30d521ec245c8156463ec73066d2c6";>f19bde1 [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/mojohaus/exec-maven-plugin/compare/3.2.0...3.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
