dependabot-preview[bot]
|
d6f116d2a8
|
Bump liquibase-core from 3.8.6 to 3.8.7
Bumps [liquibase-core](https://github.com/liquibase/liquibase) from 3.8.6 to 3.8.7.
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/v3.8.7/changelog.txt)
- [Commits](https://github.com/liquibase/liquibase/compare/v3.8.6...v3.8.7)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
jvoisin
|
7bafdd1027
|
Bump jackson version
This also factorise all the jackson things into a variable for the versions.
|
5 years ago |
François-Xavier Thomas
|
38b56e2261
|
Update tomcat to 8.5.51
|
5 years ago |
jvoisin
|
135886374a
|
Use codecov for coverage visualisation
|
5 years ago |
jvoisin
|
e702612a03
|
Bump checker and guava
|
5 years ago |
dependabot-preview[bot]
|
4d33d72730
|
Bump maven-surefire-plugin from 2.22.0 to 2.22.2 (#1534)
Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 2.22.0 to 2.22.2.
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-2.22.0...surefire-2.22.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
478d316bb4
|
Bump jackson-annotations from 2.10.0 to 2.10.2
Bumps [jackson-annotations](https://github.com/FasterXML/jackson) from 2.10.0 to 2.10.2.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
f9d68b15e4
|
Bump maven-compiler-plugin from 3.8.0 to 3.8.1
Bumps [maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.8.0...maven-compiler-plugin-3.8.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
331467cb6f
|
Bump maven-pmd-plugin from 3.12.0 to 3.13.0
Bumps [maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.12.0 to 3.13.0.
- [Release notes](https://github.com/apache/maven-pmd-plugin/releases)
- [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.12.0...maven-pmd-plugin-3.13.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
6cde9238ca
|
Bump maven-enforcer-plugin from 3.0.0-M2 to 3.0.0-M3
Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.0.0-M2 to 3.0.0-M3.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0-M2...enforcer-3.0.0-M3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
6bfb602ec9
|
Bump maven-war-plugin from 3.2.2 to 3.2.3
Bumps [maven-war-plugin](https://github.com/apache/maven-war-plugin) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/apache/maven-war-plugin/releases)
- [Commits](https://github.com/apache/maven-war-plugin/compare/maven-war-plugin-3.2.2...maven-war-plugin-3.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
1189a10c5a
|
Bump jackson-core from 2.10.0 to 2.10.2
Bumps [jackson-core](https://github.com/FasterXML/jackson-core) from 2.10.0 to 2.10.2.
- [Release notes](https://github.com/FasterXML/jackson-core/releases)
- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.10.0...jackson-core-2.10.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
jvoisin
|
8b13152e72
|
Bump depency-check's version
|
5 years ago |
dependabot-preview[bot]
|
5fdc3f6a04
|
Bump maven-assembly-plugin from 3.1.0 to 3.2.0
Bumps [maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/apache/maven-assembly-plugin/releases)
- [Commits](https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.1.0...maven-assembly-plugin-3.2.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
1141791138
|
Bump liquibase-core from 3.6.3 to 3.8.6 (#1499)
Bumps [liquibase-core](https://github.com/liquibase/liquibase) from 3.6.3 to 3.8.6.
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](https://github.com/liquibase/liquibase/compare/liquibase-parent-3.6.3...v3.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
921fe21733
|
Bump commons-lang3 from 3.8.1 to 3.9
Bumps commons-lang3 from 3.8.1 to 3.9.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
dependabot-preview[bot]
|
26cf3d8a39
|
Bump stax-ex from 1.8.1 to 1.8.2
Bumps [stax-ex](https://github.com/eclipse-ee4j/jaxb-stax-ex) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/eclipse-ee4j/jaxb-stax-ex/releases)
- [Commits](https://github.com/eclipse-ee4j/jaxb-stax-ex/compare/1.8.1...1.8.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|
5 years ago |
jvoisin
|
58bbb3e029
|
Bump Apache cxf-core from 3.3.4 to 3.3.5
This fixes CVE-2019-17573
|
5 years ago |
Andrew DeMaria
|
bdcfc78b85
|
Update apache cxf
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
Andrew DeMaria
|
35eaae39db
|
Bump snapshot version
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
Andrew DeMaria
|
ef22d6d8ed
|
Remove optional jetty runtime
- Simplifies pom making future upgrades easier
- Fixes tests picking up jetty runtime
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
jvoisin
|
0c0561d104
|
Bump apache's cxf
|
5 years ago |
jvoisin
|
599eb8574d
|
Bump OWASP's maven dependency's check
|
5 years ago |
jvoisin
|
a4cc1ec6ec
|
Bump jackson to a proper release
|
5 years ago |
Evan Harris
|
29c1b5dbca
|
Enabled PMD checking for jsp files
2 rulesets are included.
|
5 years ago |
jvoisin
|
af28e7c257
|
Fix the syntax for sunfire's exclusion
|
5 years ago |
Evan Harris
|
4fb9820a08
|
Added test case sources to checkstyle
Fixes #1328.
|
5 years ago |
Andrew DeMaria
|
3fe6e8b267
|
Add logger name checkstyle
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
Andrew DeMaria
|
b778f7099f
|
Remove Tomcat version override
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
jvoisin
|
5c1451b904
|
Bump Spring
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
frankdelange
|
1e7cbcc190
|
Upgrade jackson-* to 2.10.0.pr3 to fix CVE-2019-16335, CVE-2019-14540
|
5 years ago |
Shen-Ta Hsieh
|
394dfa1ce7
|
upgrade jackson-databind and commons-beanutils for CVEs
Signed-off-by: Shen-Ta Hsieh <ibmibmibm.tw@gmail.com>
|
5 years ago |
jvoisin
|
b650ac70d6
|
Temporarily skip a test
Based on tesshucom's #1192
|
5 years ago |
jvoisin
|
9a5f3f9483
|
Replace a now-defunct maven repo with a working one
|
5 years ago |
Andrew DeMaria
|
e7bd5da6fa
|
Precompile jsp
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
Andrew DeMaria
|
859d08fc02
|
Bump version
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
Andrew DeMaria
|
8db4ec12e1
|
Add sha256sums and gpg sign outside of maven process
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
5 years ago |
jvoisin
|
a997fd4873
|
Bump jaxb-impl and jaxb-core
|
5 years ago |
jvoisin
|
61e3bc059d
|
Bump javax annotation
|
5 years ago |
jvoisin
|
36985e151b
|
Bump dependency checker
|
5 years ago |
Andrew DeMaria
|
4d615a35f4
|
Add comment for why ossindex is disabled
|
6 years ago |
Andrew DeMaria
|
c2acc36f85
|
Disable ossindex analyzer as its data is questionable
|
6 years ago |
Andrew DeMaria
|
7c7ac3e591
|
Update dependency check
|
6 years ago |
jvoisin
|
b8d64c1dbd
|
Bump the version of maven-checkstyle-plugin
|
6 years ago |
Andrew DeMaria
|
310156f891
|
CVE-2019-12086 - bump jackson version
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
6 years ago |
Andrew DeMaria
|
8be0746bd4
|
Bump to 10.4.0 SNAPSHOT
|
6 years ago |
Andrew DeMaria
|
df352d8cb0
|
Fix #611 Add support for Java 9 and greater
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
6 years ago |
Andrew DeMaria
|
ab07462530
|
Update tomcat to 8.5.40
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
|
6 years ago |
tesshucom
|
f54e72026f
|
version upgrade of spring-boot-dependencies,spring-boot-maven-plugin
- Safety version for CVE-2019-3795
- Match the new jetty ecj version because the version of ecj used by
tomcat and jetty is different.
|
6 years ago |
jvoisin
|
ec4b969e2c
|
Replace latin encoding with utf-8
|
6 years ago |