From 81faadf10f776e43cb658c8838b8aba252a6d3d5 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 31 Mar 2024 16:09:27 +0000 Subject: [PATCH 01/11] fix: upgrade org.glassfish.jersey.containers:jersey-container-servlet-core from 2.35 to 2.41 Snyk has created this PR to upgrade org.glassfish.jersey.containers:jersey-container-servlet-core from 2.35 to 2.41. See this package in Maven Repository: https://mvnrepository.com/artifact/org.glassfish.jersey.containers/jersey-container-servlet-core/ See this project in Snyk: https://app.snyk.io/org/feuyeux/project/02c98bcc-4c7a-459a-ab06-2006827ca9f8?utm_source=github&utm_medium=referral&page=upgrade-pr --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index fbab3cc5..a4dc6786 100644 --- a/pom.xml +++ b/pom.xml @@ -36,7 +36,7 @@ 10.5.oauth2-rest - 2.35 + 2.41 4.13.2 3.10.1 From 04c1112b11b59c9cd06dc2cb7d52b583a3edfb30 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 31 Mar 2024 16:09:32 +0000 Subject: [PATCH 02/11] fix: upgrade org.springframework.security.oauth:spring-security-oauth2 from 2.0.9.RELEASE to 2.5.2.RELEASE Snyk has created this PR to upgrade org.springframework.security.oauth:spring-security-oauth2 from 2.0.9.RELEASE to 2.5.2.RELEASE. See this package in Maven Repository: https://mvnrepository.com/artifact/org.springframework.security.oauth/spring-security-oauth2/ See this project in Snyk: https://app.snyk.io/org/feuyeux/project/59a85e5b-217c-4587-b0c4-2f7ec8f236b2?utm_source=github&utm_medium=referral&page=upgrade-pr --- 10.5.oauth2-rest/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/10.5.oauth2-rest/pom.xml b/10.5.oauth2-rest/pom.xml index 99218abd..472b1f2e 100644 --- a/10.5.oauth2-rest/pom.xml +++ b/10.5.oauth2-rest/pom.xml @@ -22,7 +22,7 @@ UTF-8 1.8 5.8.11 - 2.0.9.RELEASE + 2.5.2.RELEASE 3.1.10 5.2.24.RELEASE 4.13.1 From 8722fec213f2c49db36a38d52092bbacc886e4cb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 31 Mar 2024 16:09:32 +0000 Subject: [PATCH 03/11] fix: upgrade org.glassfish.jersey.containers:jersey-container-grizzly2-http from 2.35 to 2.41 Snyk has created this PR to upgrade org.glassfish.jersey.containers:jersey-container-grizzly2-http from 2.35 to 2.41. See this package in Maven Repository: https://mvnrepository.com/artifact/org.glassfish.jersey.containers/jersey-container-grizzly2-http/ See this project in Snyk: https://app.snyk.io/org/feuyeux/project/0cb6fe5e-978c-428e-9240-23c6115a87f9?utm_source=github&utm_medium=referral&page=upgrade-pr --- 4.4.sse/pom.xml | 240 ++++++++++++++++++++++++------------------------ 1 file changed, 120 insertions(+), 120 deletions(-) diff --git a/4.4.sse/pom.xml b/4.4.sse/pom.xml index 712f0a33..89d6d3cb 100644 --- a/4.4.sse/pom.xml +++ b/4.4.sse/pom.xml @@ -1,122 +1,122 @@ - - my.restful - jax-rs2-guideII - 0.0.1-SNAPSHOT - - 4.0.0 - org.feuyeux.restful - sse - war - 0.0.1-SNAPSHOT - - sse - SSE Demo project for JAX-RS2 - - - UTF-8 - 1.8 - 2.35 - 2.2.4 - 2.17.2 - - - - - - org.apache.maven.plugins - maven-compiler-plugin - ${maven-compiler-plugin.version} - - ${java.version} - ${java.version} - UTF-8 - - - - - org.apache.maven.plugins - maven-war-plugin - 2.3 - - false - - - - - - - - - org.glassfish.jersey.containers - jersey-container-servlet - ${jersey.version} - - - - org.glassfish.jersey.containers - jersey-container-grizzly2-http - ${jersey.version} - - - - - org.glassfish.jersey.media - jersey-media-sse - ${jersey.version} - - - - - org.glassfish.jersey.connectors - jersey-apache-connector - ${jersey.version} - test - - - org.glassfish.jersey.test-framework.providers - jersey-test-framework-provider-bundle - ${jersey.version} - pom - test - - - - - org.webjars - jquery - ${jquery.version} - - - - - org.apache.logging.log4j - log4j-api - ${log4j2.version} - - - org.apache.logging.log4j - log4j-core - ${log4j2.version} - - - - - - snapshots.codehaus.org - Codehaus.org Snapshots Maven Repository - http://nexus.codehaus.org/snapshots - default - - - - - - release.maven.java.net - java.net Maven Release Repository - https://maven.java.net/content/groups/public - default - - + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + + my.restful + jax-rs2-guideII + 0.0.1-SNAPSHOT + + 4.0.0 + org.feuyeux.restful + sse + war + 0.0.1-SNAPSHOT + + sse + SSE Demo project for JAX-RS2 + + + UTF-8 + 1.8 + 2.41 + 2.2.4 + 2.17.2 + + + + + + org.apache.maven.plugins + maven-compiler-plugin + ${maven-compiler-plugin.version} + + ${java.version} + ${java.version} + UTF-8 + + + + + org.apache.maven.plugins + maven-war-plugin + 2.3 + + false + + + + + + + + + org.glassfish.jersey.containers + jersey-container-servlet + ${jersey.version} + + + + org.glassfish.jersey.containers + jersey-container-grizzly2-http + ${jersey.version} + + + + + org.glassfish.jersey.media + jersey-media-sse + ${jersey.version} + + + + + org.glassfish.jersey.connectors + jersey-apache-connector + ${jersey.version} + test + + + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-bundle + ${jersey.version} + pom + test + + + + + org.webjars + jquery + ${jquery.version} + + + + + org.apache.logging.log4j + log4j-api + ${log4j2.version} + + + org.apache.logging.log4j + log4j-core + ${log4j2.version} + + + + + + snapshots.codehaus.org + Codehaus.org Snapshots Maven Repository + http://nexus.codehaus.org/snapshots + default + + + + + + release.maven.java.net + java.net Maven Release Repository + https://maven.java.net/content/groups/public + default + + From 9363eb040a4d94e445c3822211fdc6eab79b5e29 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 31 Mar 2024 16:09:34 +0000 Subject: [PATCH 04/11] fix: upgrade org.springframework.cloud:spring-cloud-commons from 1.1.0.RELEASE to 1.3.6.RELEASE Snyk has created this PR to upgrade org.springframework.cloud:spring-cloud-commons from 1.1.0.RELEASE to 1.3.6.RELEASE. See this package in Maven Repository: https://mvnrepository.com/artifact/org.springframework.cloud/spring-cloud-commons/ See this project in Snyk: https://app.snyk.io/org/feuyeux/project/55691124-99c2-428b-ba38-fb1c56c0c524?utm_source=github&utm_medium=referral&page=upgrade-pr --- 7.3.3.boot.etcd/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/7.3.3.boot.etcd/pom.xml b/7.3.3.boot.etcd/pom.xml index bbe53137..fa52ab2b 100644 --- a/7.3.3.boot.etcd/pom.xml +++ b/7.3.3.boot.etcd/pom.xml @@ -38,7 +38,7 @@ org.springframework.cloud spring-cloud-commons - 1.1.0.RELEASE + 1.3.6.RELEASE spring-security-crypto From c43ec5d5c623648e4c394be4ebc674482d36d03d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 31 Mar 2024 16:09:37 +0000 Subject: [PATCH 05/11] fix: upgrade com.fasterxml.jackson.core:jackson-annotations from 2.13.2 to 2.16.1 Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-annotations from 2.13.2 to 2.16.1. See this package in Maven Repository: https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-annotations/ See this project in Snyk: https://app.snyk.io/org/feuyeux/project/55691124-99c2-428b-ba38-fb1c56c0c524?utm_source=github&utm_medium=referral&page=upgrade-pr --- 7.3.3.boot.etcd/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/7.3.3.boot.etcd/pom.xml b/7.3.3.boot.etcd/pom.xml index bbe53137..f4386bd4 100644 --- a/7.3.3.boot.etcd/pom.xml +++ b/7.3.3.boot.etcd/pom.xml @@ -21,7 +21,7 @@ UTF-8 1.8 3.1.10 - 2.13.2 + 2.16.1 From 67c02cfa2933a8af8d500eb639b388a25af261e9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 17:18:20 +0000 Subject: [PATCH 06/11] build(deps): bump org.apache.tomcat.embed:tomcat-embed-core Bumps org.apache.tomcat.embed:tomcat-embed-core from 8.5.93 to 8.5.99. --- updated-dependencies: - dependency-name: org.apache.tomcat.embed:tomcat-embed-core dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- 10.5.oauth2-rest/client/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/10.5.oauth2-rest/client/pom.xml b/10.5.oauth2-rest/client/pom.xml index 1d75d36b..21e191a0 100644 --- a/10.5.oauth2-rest/client/pom.xml +++ b/10.5.oauth2-rest/client/pom.xml @@ -60,7 +60,7 @@ org.apache.tomcat.embed tomcat-embed-core - 8.5.93 + 8.5.99 provided From 17087b795b7f099a2fb4e272e6b919ae09cb2b54 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 17:18:22 +0000 Subject: [PATCH 07/11] build(deps): bump org.springframework:spring-beans in /6.rest-test Bumps [org.springframework:spring-beans](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-beans dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- 6.rest-test/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/6.rest-test/pom.xml b/6.rest-test/pom.xml index d6dcecb9..f016de79 100644 --- a/6.rest-test/pom.xml +++ b/6.rest-test/pom.xml @@ -12,7 +12,7 @@ 1.8 2.36 - 5.3.19 + 5.3.20 4.13.2 3.6.0 8.0.31 From c393879a2bc84933e8275f4b271e3b0440e9745d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Apr 2024 13:59:06 +0000 Subject: [PATCH 08/11] build(deps): bump com.google.guava:guava Bumps [com.google.guava:guava](https://github.com/google/guava) from 31.1-jre to 32.0.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- 2.3.6-3.simple-service-jackson/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/2.3.6-3.simple-service-jackson/pom.xml b/2.3.6-3.simple-service-jackson/pom.xml index 6f45e138..986f50f2 100644 --- a/2.3.6-3.simple-service-jackson/pom.xml +++ b/2.3.6-3.simple-service-jackson/pom.xml @@ -12,7 +12,7 @@ 1.8 - 31.1-jre + 32.0.0-jre 2.31 3.6.0 3.8.0 From 66c7cbcbe43a12958600877c3b8871e87ffcf536 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Apr 2024 13:59:36 +0000 Subject: [PATCH 09/11] build(deps): bump com.google.guava:guava Bumps [com.google.guava:guava](https://github.com/google/guava) from 30.1.1-jre to 32.0.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- 2.3.6-4.simple-service-jettison/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/2.3.6-4.simple-service-jettison/pom.xml b/2.3.6-4.simple-service-jettison/pom.xml index e3df5914..b7657c18 100644 --- a/2.3.6-4.simple-service-jettison/pom.xml +++ b/2.3.6-4.simple-service-jettison/pom.xml @@ -13,7 +13,7 @@ 1.8 - 30.1.1-jre + 32.0.0-jre 3.0.13 3.6.0 2.6 From 4e2a03012ba628d1b6e252f07e562ae30f5486cb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Apr 2024 13:59:36 +0000 Subject: [PATCH 10/11] build(deps): bump com.google.guava:guava in /2.3.6-1.simple-service-moxy Bumps [com.google.guava:guava](https://github.com/google/guava) from 30.1.1-jre to 32.0.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- 2.3.6-1.simple-service-moxy/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/2.3.6-1.simple-service-moxy/pom.xml b/2.3.6-1.simple-service-moxy/pom.xml index 88b2d5bb..6936426c 100644 --- a/2.3.6-1.simple-service-moxy/pom.xml +++ b/2.3.6-1.simple-service-moxy/pom.xml @@ -12,7 +12,7 @@ 1.8 - 30.1.1-jre + 32.0.0-jre 2.35 3.6.0 2.6 From 0000f08512cd2494f86ba159a047c37a3caa2f9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Apr 2024 13:59:37 +0000 Subject: [PATCH 11/11] build(deps): bump com.google.guava:guava in /3.jaxrs2-handle Bumps [com.google.guava:guava](https://github.com/google/guava) from 30.1.1-jre to 32.0.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- 3.jaxrs2-handle/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3.jaxrs2-handle/pom.xml b/3.jaxrs2-handle/pom.xml index 1230c61e..0c789c65 100644 --- a/3.jaxrs2-handle/pom.xml +++ b/3.jaxrs2-handle/pom.xml @@ -22,7 +22,7 @@ 4.13.1 1.7.32 1.2.15 - 30.1.1-jre + 32.0.0-jre