Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump jetty-webapp from 9.4.40.v20210413 to 9.4.44.v20210927 #36

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 5, 2023

Bumps jetty-webapp from 9.4.40.v20210413 to 9.4.44.v20210927.

Release notes

Sourced from jetty-webapp's releases.

9.4.44.v20210927

Changelog

  • #6883 - Welcome file redirects do not honor the relativeRedirectAllowed option
  • #6870 - Encode control characters in URIUtil.encodePath
  • #6869 - Correct Content-Type within HTML error pages
  • #6860 - IPv6 format
  • #6652 - Improve ReservedThreadExecutor dump
  • #6618 - ID token azp claim should not be required if aud is single value array
  • #6617 - Add basic auth support for OpenId token endpoint (client_secret_basic)
  • #6603 - HTTP/2 max local stream count exceeded
  • #6562 - HttpOutput.write(ByteBuffer buffer)
  • #6558 - Allow to configure return type in JSON array parsing
  • #6554 - Allow creation of DefaultIdentityService without realmName.
  • #6553 - Review usage of Authentication.UNAUTHENTICATED in SecurityHandler
  • #6535 - Non blocking ReservedThreadExecutor
  • #6520 - Error page has HTML error when writePoweredBy is enabled.
  • #6487 - Expose ServletHolder getter in ServletHandler$ChainEnd for auditing libraries to use

Updated Dependencies

  • #6922 - Bump hawtio-default from 2.13.5 to 2.14.0
  • #6919 - Bump jamon.version from 2.81 to 2.82
  • #6906 - Bump google-cloud-datastore from 2.1.0 to 2.1.2
  • #6903 - Bump grpc-core from 1.40.1 to 1.41.0
  • #6865 - Bump jnr-unixsocket from 0.38.10 to 0.38.11
  • #6858 - Bump guice from 4.2.2 to 5.0.1
  • #6857 - Bump org.eclipse.osgi.services from 3.10.100 to 3.10.200
  • #6847 - Bump org.eclipse.osgi.util from 3.6.0 to 3.6.100
  • #6841 - Bump org.eclipse.osgi from 3.16.300 to 3.17.0
  • #6816 - Bump mariadb-java-client from 2.7.0 to 2.7.4
  • #6786 - Bump org.eclipse.osgi from 3.16.0 to 3.16.300
  • #6772 - Update to asm 9.2
  • #6746 - Bump hazelcast.version from 3.12.10 to 3.12.12
  • #6739 - Bump jmh.version from 1.26 to 1.33
  • #6671 - Update to apache jsp 8.5.70

9.4.43.v20210629

Changelog

  • This release resolves CVE-2021-34429
  • #6473 - Improve alias checking in PathResource
  • #6470 - java.nio.ReadOnlyBufferException
  • #6447 - Deprecate support for UTF16 encoding in URIs
  • #6426 - Update to spifly 1.3.3
  • #6425 - Update to asm 9.1

9.4.42.v20210604

Changelog

... (truncated)

Commits
  • 8da8330 Updating to version 9.4.44.v20210927
  • 1d542be Issue #6558 - Allow configuring return type in JSON array parsing.
  • 992f9a5 Merge pull request #6922 from eclipse/dependabot/maven/jetty-9.4.x/io.hawt-ha...
  • 855b753 Merge pull request #6919 from eclipse/dependabot/maven/jetty-9.4.x/jamon.vers...
  • 4cc0af9 Bump hawtio-default from 2.13.5 to 2.14.0
  • 4dfbf72 Bump jamon.version from 2.81 to 2.82
  • b286497 Issue #3514 backport of mod files filtering (#6897)
  • 9b47247 Merge pull request #6906 from eclipse/dependabot/maven/jetty-9.4.x/com.google...
  • 7791a92 Merge pull request #6903 from eclipse/dependabot/maven/jetty-9.4.x/io.grpc-gr...
  • 84a9b30 Merge pull request #6898 from eclipse/dependabot/maven/jetty-9.4.x/junit.vers...
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [jetty-webapp](https://github.com/eclipse/jetty.project) from 9.4.40.v20210413 to 9.4.44.v20210927.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.40.v20210413...jetty-9.4.44.v20210927)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-webapp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants