build(deps): Bump the dev-dependencies group with 2 updates#9
Merged
github-actions[bot] merged 1 commit intoMay 15, 2026
Merged
Conversation
Bumps the dev-dependencies group with 2 updates: [org.junit.platform:junit-platform-launcher](https://github.com/junit-team/junit-framework) and [io.micronaut.test:micronaut-test-junit5](https://github.com/micronaut-projects/micronaut-test). Updates `org.junit.platform:junit-platform-launcher` from 1.11.4 to 1.14.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/commits) Updates `io.micronaut.test:micronaut-test-junit5` from 4.10.0 to 4.10.3 - [Release notes](https://github.com/micronaut-projects/micronaut-test/releases) - [Commits](micronaut-projects/micronaut-test@v4.10.0...v4.10.3) --- updated-dependencies: - dependency-name: org.junit.platform:junit-platform-launcher dependency-version: 1.14.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: io.micronaut.test:micronaut-test-junit5 dependency-version: 4.10.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
github-actions
Bot
deleted the
dependabot/gradle/dev-dependencies-c97880505c
branch
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
wolpert
added a commit
that referenced
this pull request
May 16, 2026
- ceremony: default UV to REQUIRED so WebAuthn4J enforces flagUV (#2) - ceremony: refuse the non-strict WebAuthnManager when attestation conveyance is not NONE; force operators to wire a strict manager explicitly (#3) - jwt(spring): fail-fast on HS256 secrets shorter than 32 bytes; remove the silent expand() helper that masked weak keys (#4) - jwt(micronaut): fail-fast on blank or short HS256 secrets; remove the zero-pad and random-on-blank fallbacks (#5) - persistence: make signCount updates atomic against concurrent racing assertions so clone detection cannot be silently defeated — JDBI adds AND sign_count < :sc, DynamoDB adds a conditional UpdateItem (#6) - starters: gate LoggingEmailSender / LoggingSmsSender behind dev-mode so magic-link tokens and OTP codes don't silently leak to production logs (#7) - magic-link: replace the unbounded ConcurrentHashMap of consumed JTIs with a TTL-bounded Caffeine cache; fix the Javadoc to match reality (#8) - magic-link: bind verification email to the user via UserLookup#emailFor and reject mismatches; admin service maps the new EmailMismatch result to a 400 (#9) - persistence(dynamodb): server-enforce single-use for backup-code consume and OTP consume/incrementAttempts via ConditionExpression (#10) - persistence(dynamodb): server-enforce challenge expiry in takeOnce via ConditionExpression on expiresAt instead of post-filtering in Java (#11) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the dev-dependencies group with 2 updates: org.junit.platform:junit-platform-launcher and io.micronaut.test:micronaut-test-junit5.
Updates
org.junit.platform:junit-platform-launcherfrom 1.11.4 to 1.14.4Commits
Updates
io.micronaut.test:micronaut-test-junit5from 4.10.0 to 4.10.3Release notes
Sourced from io.micronaut.test:micronaut-test-junit5's releases.
Commits
9adc3ab[skip ci] Release v4.10.365c4a04Remove native-image initialization config in micronaut-test (Java 21/25 compa...68099b6Isolate Kotest restrictions to Kotest docs (#1368)acb3dbcchore: Bump version to 4.10.3-SNAPSHOTbd39720[skip ci] Release v4.10.2af5e0f1graal: initialize at build time junit-platform classes (#1300)fbd8382Move spock leak detection to shared initializer (#1296)f2db894micronaut test 4.10.110241cbmicronaut core 4.10.7bd93614platform 4.10.0Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions