From 664ff31e3f87228cfefc77104f046cff23bcb128 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 May 2024 00:08:26 +0000 Subject: [PATCH 1/4] fix(deps): bump io.javalin:javalin from 6.1.4 to 6.1.6 Bumps [io.javalin:javalin](https://github.com/javalin/javalin) from 6.1.4 to 6.1.6. - [Release notes](https://github.com/javalin/javalin/releases) - [Commits](https://github.com/javalin/javalin/compare/javalin-parent-6.1.4...javalin-parent-6.1.6) --- updated-dependencies: - dependency-name: io.javalin:javalin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 0610b6eb..5aa09a7e 100644 --- a/build.gradle +++ b/build.gradle @@ -79,7 +79,7 @@ dependencies { implementation 'org.hibernate.validator:hibernate-validator:8.0.1.Final' implementation 'jakarta.el:jakarta.el-api:6.0.0' implementation 'org.bouncycastle:bcpkix-jdk18on:1.78.1' - implementation "io.javalin:javalin:6.1.4", { + implementation "io.javalin:javalin:6.1.6", { // self managed to avoid conflicts exclude group: "org.slf4j" // conflict with Kotlin version in Okio 3.9.0 From 9d9ee31c61dff4c8f1a9deb3ffa577fde1ff9a44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 May 2024 00:08:32 +0000 Subject: [PATCH 2/4] fix(deps): bump org.assertj:assertj-core from 3.25.3 to 3.26.0 Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.25.3 to 3.26.0. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.25.3...assertj-build-3.26.0) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 5aa09a7e..62368ad2 100644 --- a/build.gradle +++ b/build.gradle @@ -106,7 +106,7 @@ dependencies { testImplementation enforcedPlatform("org.junit:junit-bom:5.10.2") testImplementation 'org.junit.jupiter:junit-jupiter' testImplementation 'org.junit-pioneer:junit-pioneer:2.2.0' - testImplementation 'org.assertj:assertj-core:3.25.3', { + testImplementation 'org.assertj:assertj-core:3.26.0', { // conflict of 1.12.10 in assertj vs 1.12.13 in mockito-core exclude group: "net.bytebuddy", module: "byte-buddy" exclude group: "net.bytebuddy", module: "byte-buddy-agent" From 3691562a00c5d6947a5432461ed87eeaa0653d1c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 May 2024 00:08:34 +0000 Subject: [PATCH 3/4] fix(deps): bump org.apache.commons:commons-compress Bumps org.apache.commons:commons-compress from 1.26.1 to 1.26.2. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 62368ad2..0856b313 100644 --- a/build.gradle +++ b/build.gradle @@ -117,7 +117,7 @@ dependencies { // CVE-2024-25710 + CVE-2024-26308 in transitive version 1.25.0 exclude group: "org.apache.commons", module: "commons-compress" } - testImplementation 'org.apache.commons:commons-compress:1.26.1' + testImplementation 'org.apache.commons:commons-compress:1.26.2' testImplementation "org.mongodb:mongodb-driver-legacy:${mongoDbDriverVersion}" testImplementation "org.mockito:mockito-junit-jupiter:${mockitoVersion}", { // conflict of 1.14.1 and 1.14.7 in uk.org.webcompere:system-stubs-jupiter From 6ac31fb1286e4b1f4e05e192f1ec8ede5f3dd1c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 May 2024 00:08:39 +0000 Subject: [PATCH 4/4] fix(deps): bump io.javaoperatorsdk:operator-framework Bumps [io.javaoperatorsdk:operator-framework](https://github.com/operator-framework/java-operator-sdk) from 4.9.0 to 4.9.1. - [Release notes](https://github.com/operator-framework/java-operator-sdk/releases) - [Commits](https://github.com/operator-framework/java-operator-sdk/compare/v4.9.0...v4.9.1) --- updated-dependencies: - dependency-name: io.javaoperatorsdk:operator-framework dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 0856b313..391fcd3c 100644 --- a/build.gradle +++ b/build.gradle @@ -46,7 +46,7 @@ jib { project.ext { mongoDbDriverVersion = "5.1.0" slf4jVersion = "2.0.13" - operatorFrameworkVersion = "4.9.0" + operatorFrameworkVersion = "4.9.1" kubernetesServerMockVersion = "6.12.1" // align with transitive dependency of operator framework mockitoVersion = "5.2.0" jacksonVersion = "2.17.1"