chore(deps): bump the low-risk group across 1 directory with 17 updates#368
Open
dependabot[bot] wants to merge 1 commit into
Open
chore(deps): bump the low-risk group across 1 directory with 17 updates#368dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the low-risk group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.32` | `1.5.34` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.32` | `1.5.34` | | [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.21.3` | `2.22.0` | | [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) | `2025.0.5` | `2025.0.6` | | [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) | `3.5.14` | `3.5.15` | | [org.springframework.cloud:spring-cloud-dependencies](https://github.com/spring-cloud/spring-cloud-release) | `2025.1.1` | `2025.1.2` | | [io.projectreactor.netty:reactor-netty-core](https://github.com/reactor/reactor-netty) | `1.3.5` | `1.3.6` | | [org.pitest:pitest-parent](https://github.com/hcoles/pitest) | `1.25.1` | `1.25.4` | | [org.pitest:pitest-maven](https://github.com/hcoles/pitest) | `1.25.1` | `1.25.4` | | [io.netty:netty-codec-http](https://github.com/netty/netty) | `4.2.14.Final` | `4.2.15.Final` | | [io.netty:netty-codec](https://github.com/netty/netty) | `4.2.14.Final` | `4.2.15.Final` | | [io.netty:netty-common](https://github.com/netty/netty) | `4.2.14.Final` | `4.2.15.Final` | | [io.netty:netty-handler](https://github.com/netty/netty) | `4.2.14.Final` | `4.2.15.Final` | | [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) | `4.9.8` | `4.10.2` | | [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.14` | `0.8.15` | | [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.8.3` | `4.10.2.0` | | [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin) | `0.10.0` | `0.11.0` | Updates `ch.qos.logback:logback-core` from 1.5.32 to 1.5.34 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.32...v_1.5.34) Updates `ch.qos.logback:logback-classic` from 1.5.32 to 1.5.34 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.32...v_1.5.34) Updates `ch.qos.logback:logback-classic` from 1.5.32 to 1.5.34 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.32...v_1.5.34) Updates `com.fasterxml.jackson:jackson-bom` from 2.21.3 to 2.22.0 - [Commits](FasterXML/jackson-bom@jackson-bom-2.21.3...jackson-bom-2.22.0) Updates `io.projectreactor:reactor-bom` from 2025.0.5 to 2025.0.6 - [Release notes](https://github.com/reactor/reactor/releases) - [Commits](reactor/reactor@2025.0.5...2025.0.6) Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.14 to 3.5.15 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.14...v3.5.15) Updates `org.springframework.cloud:spring-cloud-dependencies` from 2025.1.1 to 2025.1.2 - [Release notes](https://github.com/spring-cloud/spring-cloud-release/releases) - [Commits](spring-cloud/spring-cloud-release@v2025.1.1...v2025.1.2) Updates `io.projectreactor.netty:reactor-netty-core` from 1.3.5 to 1.3.6 - [Release notes](https://github.com/reactor/reactor-netty/releases) - [Commits](reactor/reactor-netty@v1.3.5...v1.3.6) Updates `org.pitest:pitest-parent` from 1.25.1 to 1.25.4 - [Release notes](https://github.com/hcoles/pitest/releases) - [Commits](hcoles/pitest@1.25.1...1.25.4) Updates `org.pitest:pitest-maven` from 1.25.1 to 1.25.4 - [Release notes](https://github.com/hcoles/pitest/releases) - [Commits](hcoles/pitest@1.25.1...1.25.4) Updates `io.netty:netty-codec-http` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `io.netty:netty-codec` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `io.netty:netty-common` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `io.netty:netty-handler` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `io.netty:netty-codec` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `io.netty:netty-common` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `io.netty:netty-handler` from 4.2.14.Final to 4.2.15.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.14.Final...netty-4.2.15.Final) Updates `com.github.spotbugs:spotbugs` from 4.9.8 to 4.10.2 - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.9.8...4.10.2) Updates `org.jacoco:jacoco-maven-plugin` from 0.8.14 to 0.8.15 - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](jacoco/jacoco@v0.8.14...v0.8.15) Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.8.3 to 4.10.2.0 - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.3...spotbugs-maven-plugin-4.10.2.0) Updates `org.pitest:pitest-maven` from 1.25.1 to 1.25.4 - [Release notes](https://github.com/hcoles/pitest/releases) - [Commits](hcoles/pitest@1.25.1...1.25.4) Updates `org.sonatype.central:central-publishing-maven-plugin` from 0.10.0 to 0.11.0 - [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-core dependency-version: 1.5.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: io.projectreactor:reactor-bom dependency-version: 2025.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-version: 3.5.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.springframework.cloud:spring-cloud-dependencies dependency-version: 2025.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.projectreactor.netty:reactor-netty-core dependency-version: 1.3.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.pitest:pitest-parent dependency-version: 1.25.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.pitest:pitest-maven dependency-version: 1.25.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-codec-http dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-codec dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-common dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-handler dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-codec dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-common dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-handler dependency-version: 4.2.15.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: com.github.spotbugs:spotbugs dependency-version: 4.10.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: org.jacoco:jacoco-maven-plugin dependency-version: 0.8.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-version: 4.10.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: org.pitest:pitest-maven dependency-version: 1.25.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.sonatype.central:central-publishing-maven-plugin dependency-version: 0.11.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: low-risk ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
AssigneesThe following users could not be added as assignees: Please fix the above issues or remove invalid values from |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the low-risk group with 17 updates in the / directory:
1.5.321.5.341.5.321.5.342.21.32.22.02025.0.52025.0.63.5.143.5.152025.1.12025.1.21.3.51.3.61.25.11.25.41.25.11.25.44.2.14.Final4.2.15.Final4.2.14.Final4.2.15.Final4.2.14.Final4.2.15.Final4.2.14.Final4.2.15.Final4.9.84.10.20.8.140.8.154.9.8.34.10.2.00.10.00.11.0Updates
ch.qos.logback:logback-corefrom 1.5.32 to 1.5.34Release notes
Sourced from ch.qos.logback:logback-core's releases.
Commits
e62272aprepare release 1.5.341e9e926add resolveProxyClassRejectsDynamicProxies unit test2de5cbeadded StackTraceElementProxyTest, minor edits to AGENTS.md0e9b927in case StackTraceElement is null use a substitute, fixing issues/1040f7a0654prevent resolveProxyClass bypass249b81fdocs are no longer distributed1c3b26astart work on 1.5.34-SNAPSHOT124e8b4prepare release 1.5.33d8fd6f2escapeTags in message field when printing status messages95edbebhostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...Updates
ch.qos.logback:logback-classicfrom 1.5.32 to 1.5.34Release notes
Sourced from ch.qos.logback:logback-classic's releases.
Commits
e62272aprepare release 1.5.341e9e926add resolveProxyClassRejectsDynamicProxies unit test2de5cbeadded StackTraceElementProxyTest, minor edits to AGENTS.md0e9b927in case StackTraceElement is null use a substitute, fixing issues/1040f7a0654prevent resolveProxyClass bypass249b81fdocs are no longer distributed1c3b26astart work on 1.5.34-SNAPSHOT124e8b4prepare release 1.5.33d8fd6f2escapeTags in message field when printing status messages95edbebhostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...Updates
ch.qos.logback:logback-classicfrom 1.5.32 to 1.5.34Release notes
Sourced from ch.qos.logback:logback-classic's releases.
Commits
e62272aprepare release 1.5.341e9e926add resolveProxyClassRejectsDynamicProxies unit test2de5cbeadded StackTraceElementProxyTest, minor edits to AGENTS.md0e9b927in case StackTraceElement is null use a substitute, fixing issues/1040f7a0654prevent resolveProxyClass bypass249b81fdocs are no longer distributed1c3b26astart work on 1.5.34-SNAPSHOT124e8b4prepare release 1.5.33d8fd6f2escapeTags in message field when printing status messages95edbebhostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...Updates
com.fasterxml.jackson:jackson-bomfrom 2.21.3 to 2.22.0Commits
112e859[maven-release-plugin] prepare release jackson-bom-2.22.02cae2cePrep for 2.22.0 release7955d21Merge branch '2.21' into 2.x8922a05Post-release dep version bump1fa9943[maven-release-plugin] prepare for next development iterationd1abd31[maven-release-plugin] prepare release jackson-bom-2.21.42aaea43Prep for 2.21.4 release902ec69Update Woodstox/stax2-api (to 7.2.0/4.3.0)2570647Merge branch '2.21' into 2.x9d3a9d5Post-release dep version bumpUpdates
io.projectreactor:reactor-bomfrom 2025.0.5 to 2025.0.6Release notes
Sourced from io.projectreactor:reactor-bom's releases.
Commits
2764b66[release] Prepare and release BOM 2025.0.6d7fff6bMerge-ignore release 2024.0.18 into 2025.0.652e80b7[release] Back to snapshots, next BOM will be SR 19518bad4[release] Prepare and release BOM 2024.0.1886280c8Merge #780 into 2025.0.68d7d6f3Bump actions/checkout from 6.0.2 to 6.0.3 (#780)df88e6bMerge 4dece8e9 into 2025.0.64dece8e[build] Use non-capturing groups for all numeric segments in qualifyVersion2f4cdc8Merge 17214287 into 2025.0.61721428[build] Enhance version parsing to support 4-part numeric versionsUpdates
org.springframework.boot:spring-boot-dependenciesfrom 3.5.14 to 3.5.15Release notes
Sourced from org.springframework.boot:spring-boot-dependencies's releases.
... (truncated)
Commits
c069bceRelease v3.5.15b068647Upgrade to Spring Integration 6.5.9327bef3Enable hostname verification by default in Mail auto-config4218bd7Fix predictable temp directory in Artemis embedded configurationb2a67beUpgrade to Spring GraphQL 1.4.654ef8d3Upgrade to Spring Batch 5.2.6d3f60feUpgrade to Spring WS 4.1.428d4ae8Upgrade to Spring Session 3.5.7190c452Upgrade to Spring Security 6.5.1134e7b58Upgrade to Spring Pulsar 1.2.18Updates
org.springframework.cloud:spring-cloud-dependenciesfrom 2025.1.1 to 2025.1.2Release notes
Sourced from org.springframework.cloud:spring-cloud-dependencies's releases.
Commits
bda306dUpdate SNAPSHOT to 2025.1.24fd3272Merge pull request #517 from spring-cloud/dependabot/npm_and_yarn/docs/main/s...be421f5Bump@springio/antora-extensionsfrom 1.14.11 to 1.14.12 in /docs6ad8d9dMerge pull request #513 from spring-cloud/dependabot/maven/main/org.apache.ma...bc10fd4Merge pull request #514 from spring-cloud/dependabot/maven/org.apache.maven-m...57ecb39Bump org.apache.maven:maven-model from 3.9.15 to 3.9.163963ec2Bump org.apache.maven:maven-model from 3.9.15 to 3.9.16def3e63Upgrading antora to 3.2.0-alpha.12145f1d6Bumping versions0a141a4Update spring-cloud-config.version to 5.0.4-SNAPSHOTUpdates
io.projectreactor.netty:reactor-netty-corefrom 1.3.5 to 1.3.6Release notes
Sourced from io.projectreactor.netty:reactor-netty-core's releases.
Commits
511a3b6[release] Prepare and release 1.3.63d3bdcbMerge-ignore release 1.2.18 into 1.3.69bd9255[release] Back to snapshots, next is 1.2.19-SNAPSHOTc753da4[release] Prepare and release 1.2.181a4c422Update HTTP/3 configuration2c6325eMerge e7ef551ee into 1.3.6e7ef551Refine header handling during redirects22ecd82Merge #4243 into 1.3.6b26ac28Bump biz.aQute.bnd.builder from 7.2.3 to 7.3.0 (#4243)bf1c241Merge #4242 into 1.3.6Updates
org.pitest:pitest-parentfrom 1.25.1 to 1.25.4Release notes
Sourced from org.pitest:pitest-parent's releases.
Commits
5595375Merge pull request #1468 from see-quick/support-configurable-decimal-precision180da11update readme for 1.25.329cfaa7Merge pull request #1476 from hcoles/feature/post_checkse61ab0dintroduce post pre-scan type168a03eupdate readme for 1.25.235328f4Merge pull request #1475 from hcoles/bug/feature_output_formats19eaf7cfeture listeners can be selected by name of featuredece940fix output formatsafcf116force sbom deployment7ed1572Merge pull request #1474 from hcoles/feature/setup_cyclonedxUpdates
org.pitest:pitest-mavenfrom 1.25.1 to 1.25.4Release notes
Sourced from org.pitest:pitest-maven's releases.
Commits
5595375Merge pull request #1468 from see-quick/support-configurable-decimal-precision180da11update readme for 1.25.329cfaa7Merge pull request #1476 from hcoles/feature/post_checkse61ab0dintroduce post pre-scan type168a03eupdate readme for 1.25.235328f4Merge pull request #1475 from hcoles/bug/feature_output_formats19eaf7cfeture listeners can be selected by name of featuredece940fix output formatsafcf116force sbom deployment7ed1572Merge pull request #1474 from hcoles/feature/setup_cyclonedxUpdates
io.netty:netty-codec-httpfrom 4.2.14.Final to 4.2.15.FinalRelease notes
Sourced from io.netty:netty-codec-http's releases.
Commits
a41f7b2[maven-release-plugin] prepare release netty-4.2.15.Final2394530Auto-port 4.2: MQTT: Reject malformed no-payload packets with non-zero Remain...0bd1657Add maxWindowLog parameter to ZstdDecoder to bound memory allocation (#16850)76291f5Fix SCTP and Redis tests (#16893)e067b6eFix revapi warnings (#16885)5a52600Pass maxAllocation to Brotli and Zstd decoders (#16844)