Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the gradle group with 4 updates #143

Closed
wants to merge 1 commit into from
Closed

Bump the gradle group with 4 updates #143

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 20, 2023

Bumps the gradle group with 4 updates: org.xerial.snappy:snappy-java, com.github.navikt:dagpenger-streams, no.finn.unleash:unleash-client-java and no.nav.security:mock-oauth2-server.

Updates org.xerial.snappy:snappy-java from 1.1.8.2 to 1.1.10.5

Release notes

Sourced from org.xerial.snappy:snappy-java's releases.

v1.1.10.5

What's Changed

🚀 Features

🐛 Bug Fixes

🔗 Dependency Updates

New Contributors

Full Changelog: xerial/snappy-java@v1.1.10.4...v1.1.10.5

v1.1.10.4

What's Changed

Security Fix

  • CVE-2023-43642 Fixed SnappyInputStream so as not to allocate too large memory when decompressing data with an extremely large chunk size by @​tunnelshade (code change)
    • This does not affect users only using Snappy.compress/uncompress methods

🚀 Features

  • feature: Upgrade the internal snappy version to 1.1.10 (1.1.8 was wrongly used before) by @​xerial in xerial/snappy-java#508
  • Support JDK21 (no internal change)

🔗 Dependency Updates

🛠 Internal Updates

... (truncated)

Commits
  • 08abfa4 Update native libraries for 4b2c1e89a42bc1fc715199974140f93cefe37d71 (#521)
  • 4b2c1e8 win-aarch64 (fix): Fix dll name (#520)
  • 0fff1ac Update native libraries for e6d1196bc68dd76d19e915ee0124c4d42b020ef2 (#519)
  • e6d1196 internal fix: Use Windows-aarch64 target name and compiler options (#518)
  • 3c67a7b ppc64-le (Fix): Use an LTS-version of cross-compiler for Linux ppc64-le (#516)
  • 67f5d26 Bump jwlawson/actions-setup-cmake from 1.13 to 1.14 (#514)
  • ee96b64 Feature: Add Windows arm64 support (#511)
  • 0016fed Fix GLIBC_2.32 not found error on IBM PowerPC LE RedHat 8.6 OS (required by /...
  • 681b2e1 internal: Support JDK21 (#510)
  • 9f8c3cf Merge pull request from GHSA-55g7-9cwv-5qfv
  • Additional commits viewable in compare view

Updates com.github.navikt:dagpenger-streams from 20231220.ec218b to 2023081812031692353030.ca95330b1ba8

Release notes

Sourced from com.github.navikt:dagpenger-streams's releases.

2023081812031692353030.ca95330b1ba8

Full Changelog: navikt/dagpenger-streams@2023.04.26-10.04.3a1a87ddfe2c...2023081812031692353030.ca95330b1ba8

Commits

Updates no.finn.unleash:unleash-client-java from 3.2.9 to 4.4.1

Release notes

Sourced from no.finn.unleash:unleash-client-java's releases.

unleash-client-java-4.4.1

  • f2397ee - Backport fix: Prevent VariantUtil from treating default as custom (#141)

unleash-client-java-4.4.0

  • 97d7a67 - [maven-release-plugin] prepare for next development iteration
  • 4477553 - chore: setup publishing av javadoc to gh-pages
  • 323877c - Feat/custom stickiness (#139)
  • 3bfd1b0 - [maven-release-plugin] prepare release unleash-client-java-4.4.0

unleash-client-java-4.3.0

  • 0612158 - [maven-release-plugin] prepare for next development iteration
  • 9329a17 - Chore: Fix typo (#134)
  • 72bb289 - fix: add API token to all examples
  • 420a318 - feat(#136): Adding support for custom proxy (#137)
  • d64113d - feat: Add support for leveraging namePrefix in Java SDK (#135)
  • 171f05e - fix: failing test
  • e6f1fbb - chore: update changelog
  • fc46c89 - [maven-release-plugin] prepare release unleash-client-java-4.3.0

unleash-client-java-4.2.1

  • b4fbb2d - [maven-release-plugin] prepare for next development iteration
  • 6c0b084 - fix: bootstrap handler could crash app with NPE
  • fdd4ac8 - [maven-release-plugin] prepare release unleash-client-java-4.2.1

unleash-client-java-4.2.0

  • 9afbc6f - [maven-release-plugin] prepare for next development iteration
  • 2a89310 - fix: formatting after build (#126)
  • 2d201fc - feat: Add support for fallback strategy (#127)
  • 20a7fd8 - chore: Use getOrDefault instead of Optional.ofNullable.orElse to aid in readability (#130)
  • b0861a0 - Add a FeatureToggle bootstrapper. (#131)
  • 8ed64a9 - chore: fix typo
  • 1df73ec - [maven-release-plugin] prepare release unleash-client-java-4.2.0

unleash-client-java-4.1.0

  • 4442063 - [maven-release-plugin] prepare for next development iteration
  • 2fe43a2 - chore: Add java code style rules
  • 0f01db1 - Add Nullable annotations where applicable
  • 15012e4 - Merge pull request #122 from checketts/add-nullability-annotations
  • a2e2447 - Update build badge to GHA
  • d634838 - fix: Add logging for when a matching strategy is not found (#123)
  • ae60bd7 - feat: Add ability to disable metrics via UnleashContext (#125)
  • 99b4b4b - chore: prepare changelog for next release
  • e8e6f5e - [maven-release-plugin] prepare release unleash-client-java-4.1.0

unleash-client-java-4.0.1

  • 8585ccb - fix: Added developers section to pom
  • 69aac4f - chore: Move build to github actions
  • 5e4bb2e - Changed to slf4j-api for logging.
  • 4d5e652 - feat: Add support for filtering toggles on project
  • 10171dc - fix: Add environment to metrics (#121)

... (truncated)

Changelog

Sourced from no.finn.unleash:unleash-client-java's changelog.

Changelog

6.0.1

  • Make connect and read timeouts configurable for both toggle fetching and metrics posting

6.0.0

  • Remove deprecated no.finn.unleash package
  • feat: Added support for providing custom ToggleFetcher through a UnleashToggleFetcherFactory (A Function```

5.1.0

5.0.4

  • fix: Bootstrap no longer fails hard when passed invalid json. It now returns an empty list of features if the bootstrap json could not be parsed.

5.0.0

  • chore: Refactor package names. Moving from no.finn.unleash to io.getunleash to reflect where development is taking place.

4.4.0

  • feat: Add support for custom stickiness (#132)

4.3.0

  • feat: Add support for leveraging namePrefix in Java SDK (#135)
  • feat: Adding support for custom proxy (#137)

4.2.1

  • fix: Make sure empty bootstrap path does not crash app
  • feat: Default to trying UNLEASH_BOOTSTRAP_FILE environment variable for finding bootstrap
  • feat: Add support for filtering by namePrefix

4.2.0

  • feat: Add ability to bootstrap features from files via UNLEASH_BOOTSTRAP_FILE (#129)
  • feat: Add ability to provide bootstrap via custom ToggleBootstrapProvider (#129)

4.1.0

  • feat: Add ability to disable metrics via UnleashContext (#125)
  • fix: Add logging for when a matching strategy is not found (#123)
  • fix: Add Nullable annotations where applicable

4.0.0

  • feat: Switched to slf4j-api logging
  • feat: add support for filtering on project (Enterprise only)
  • fix: BREAKING CHANGE UnleashConfig constructor is now private.
  • fix: Use UnleashConfig.Builder to get instance of UnleashConfig
  • feat: Add annotations to indicate null and nonnull method signatures, also supports Kotlin
  • feat: Added 'more' method to Unleash API to place advanced usecases like evaluating all toggles at once and manually incrementing usage counts
  • feat: Add warning when a matching strategy for a toggle can't be found

3.3.4

  • fix: follow redirect once (#115)
  • chore(deps): bump version.log4j2 from 2.11.2 to 2.13.3 (#109)

... (truncated)

Commits
  • 5b8beab [maven-release-plugin] prepare release unleash-client-java-4.4.1
  • 2d85bbf Set snapshot version for release plugin
  • a02c8a5 Backport variant default for 4.4
  • 3bfd1b0 [maven-release-plugin] prepare release unleash-client-java-4.4.0
  • 323877c Feat/custom stickiness (#139)
  • 4477553 chore: setup publishing av javadoc to gh-pages
  • 97d7a67 [maven-release-plugin] prepare for next development iteration
  • fc46c89 [maven-release-plugin] prepare release unleash-client-java-4.3.0
  • e6f1fbb chore: update changelog
  • 171f05e fix: failing test
  • Additional commits viewable in compare view

Updates no.nav.security:mock-oauth2-server from 0.5.7 to 2.1.0

Release notes

Sourced from no.nav.security:mock-oauth2-server's releases.

2.1.0

What's Changed

🚀 Features

  • Regex based matching in RequestMappingTokenCallback and request parameters used as variables inside claims (#578) @​kvokacka

⬆️ Dependency upgrades

2.0.1

What's Changed

🚀 Features

  • feat: basic client authentication for token exchange grant (#564) @​valdemon

🐛 Bug Fixes

  • fix: use hostname instead of canonicalHostname (#586) @​tronghn
    • this should resolve issues with inconsistent URLs for Windows users
  • fix(httpRequest): naming clash, update nimbus sdk to latest (#576) @​ybelMekk

⬆️ Dependency upgrades

... (truncated)

Commits
  • bbb1fdf chore(deps): bump ch.qos.logback:logback-classic from 1.4.13 to 1.4.14 (#604)
  • 52160a6 chore(deps): bump actions/stale from 8 to 9 (#605)
  • b896913 chore(deps): bump ktorVersion from 2.3.6 to 2.3.7 (#606)
  • b449a92 chore(deps): bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.13 (#602)
  • 8a07264 chore(deps): bump actions/setup-java from 3 to 4 (#603)
  • f0295bd chore(deps): bump JamesIves/github-pages-deploy-action (#601)
  • b8609ec chore(deps): bump springBootVersion from 3.1.5 to 3.2.0 (#596)
  • 4f99951 chore(deps): bump jvm from 1.9.20 to 1.9.21 (#597)
  • 18582a1 chore(deps): bump org.jetbrains.kotlin:kotlin-test-junit5 (#598)
  • 4f1442d - request parameters can be used as variables inside claims (#578)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gradle group with 4 updates
a214b2f 
Bumps the gradle group with 4 updates: [org.xerial.snappy:snappy-java](https://github.com/xerial/snappy-java), [com.github.navikt:dagpenger-streams](https://github.com/navikt/dagpenger-streams), [no.finn.unleash:unleash-client-java](https://github.com/Unleash/unleash-client-java) and [no.nav.security:mock-oauth2-server](https://github.com/navikt/mock-oauth2-server).


Updates `org.xerial.snappy:snappy-java` from 1.1.8.2 to 1.1.10.5
- [Release notes](https://github.com/xerial/snappy-java/releases)
- [Commits](xerial/snappy-java@1.1.8.2...v1.1.10.5)

Updates `com.github.navikt:dagpenger-streams` from 20231220.ec218b to 2023081812031692353030.ca95330b1ba8
- [Release notes](https://github.com/navikt/dagpenger-streams/releases)
- [Commits](https://github.com/navikt/dagpenger-streams/commits)

Updates `no.finn.unleash:unleash-client-java` from 3.2.9 to 4.4.1
- [Release notes](https://github.com/Unleash/unleash-client-java/releases)
- [Changelog](https://github.com/Unleash/unleash-client-java/blob/main/CHANGELOG.md)
- [Commits](Unleash/unleash-client-java@unleash-client-java-3.2.9...unleash-client-java-4.4.1)

Updates `no.nav.security:mock-oauth2-server` from 0.5.7 to 2.1.0
- [Release notes](https://github.com/navikt/mock-oauth2-server/releases)
- [Commits](navikt/mock-oauth2-server@0.5.7...2.1.0)

---
updated-dependencies:
- dependency-name: org.xerial.snappy:snappy-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: com.github.navikt:dagpenger-streams
  dependency-type: direct:production
  dependency-group: gradle
- dependency-name: no.finn.unleash:unleash-client-java
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gradle
- dependency-name: no.nav.security:mock-oauth2-server
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gradle
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner December 20, 2023 13:13
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 20, 2023
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 21, 2023

The group that created this PR has been removed from your configuration.

@dependabot dependabot bot closed this Dec 21, 2023
@dependabot dependabot bot deleted the dependabot/gradle/gradle-bf4b80d133 branch December 21, 2023 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants