dependabot[bot] opened a new pull request, #258: URL: https://github.com/apache/struts-examples/pull/258
Bumps `struts2.version` from 6.2.0 to 6.3.0. Updates `org.apache.struts:struts2-core` from 6.2.0 to 6.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/struts/releases";>org.apache.struts:struts2-core's releases</a>.</em></p> <blockquote> <h2>Struts 6.3.0</h2> <h2>What's Changed</h2> <ul> <li>[WW-5327] Stop using JavaBeans notation for setters in SecurityMemberAccess & MemberAccessValueStack by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/715";>apache/struts#715</a></li> <li>[WW-5233] Include Apache Tiles code base in the Tiles plugin by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/608";>apache/struts#608</a></li> <li>Update StreamResult.java - fix misspell by <a href="https://github.com/ervinpm";><code>@ervinpm</code></a> in <a href="https://redirect.github.com/apache/struts/pull/723";>apache/struts#723</a></li> <li>WW-5332 Add validation for package name parsing by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/726";>apache/struts#726</a></li> <li>[WW-5327] Removes duplicated exclusion by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/729";>apache/struts#729</a></li> <li>Uses Java 17 to perform Code Quality check by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/730";>apache/struts#730</a></li> <li>WW-5334 Enable usage of junit-plugin inside velocity-plugin by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/732";>apache/struts#732</a></li> <li>[WW-5331] Uses proper signature of get() by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/727";>apache/struts#727</a></li> <li>WW-5334 Extract ConventionJUnit4Test into correct module by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/733";>apache/struts#733</a></li> <li>Defines a proper CODEOWNERS file by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/728";>apache/struts#728</a></li> <li>WW-5334 Misc VelocityManager code cleanup by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/731";>apache/struts#731</a></li> <li>WW-5337 Make SecurityMemberAccess exclusion checking more performant by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/736";>apache/struts#736</a></li> <li>WW-5336 Deprecate OgnlTool by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/735";>apache/struts#735</a></li> <li>WW-5334 Fix empty chained context names in VelocityManager by <a href="https://github.com/kusalk";><code>@kusalk</code></a> in <a href="https://redirect.github.com/apache/struts/pull/744";>apache/struts#744</a></li> </ul> <h3>Dependencies</h3> <ul> <li>[WW-5315] Upgrades ASM to version 9.5 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/695";>apache/struts#695</a></li> <li>[WW-5316] Upgrades commons-io to version 2.13.0 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/697";>apache/struts#697</a></li> <li>[WW-5317] Upgrades log4j to version 2.20.0 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/698";>apache/struts#698</a></li> <li>upgrade Felix Maven Bundle Plugin by <a href="https://github.com/hboutemy";><code>@hboutemy</code></a> in <a href="https://redirect.github.com/apache/struts/pull/696";>apache/struts#696</a></li> <li>Feature/update maven dependency plugin by <a href="https://github.com/sepe81";><code>@sepe81</code></a> in <a href="https://redirect.github.com/apache/struts/pull/699";>apache/struts#699</a></li> <li>[WW-5318] Upgrades slf4j to version 2.0.7 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/700";>apache/struts#700</a></li> <li>Bump actions/upload-artifact from 3.1.0 to 3.1.2 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/702";>apache/struts#702</a></li> <li>Bump actions/cache from 3.0.8 to 3.3.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/705";>apache/struts#705</a></li> <li>Bump osgi.core from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/701";>apache/struts#701</a></li> <li>Bump stax2-api from 4.2 to 4.2.1 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/703";>apache/struts#703</a></li> <li>Bump ossf/scorecard-action from 2.0.6 to 2.2.0 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/704";>apache/struts#704</a></li> <li>Bump assertj-core from 3.15.0 to 3.24.2 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/707";>apache/struts#707</a></li> <li>Bump jaxb-impl from 2.3.2 to 4.0.3 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/708";>apache/struts#708</a></li> <li>Bump net.sf.jasperreports:jasperreports from 6.19.1 to 6.20.5 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/709";>apache/struts#709</a></li> <li>Bump jackson.version from 2.14.1 to 2.15.2 by <a href="https://github.com/dependabot";><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/struts/pull/713";>apache/struts#713</a></li> <li>[WW-5325] Upgrades commons-lang3 to version 2.13.0 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/714";>apache/struts#714</a></li> <li>[WW-5329] Upgrades xstream to version 1.4.20 by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/721";>apache/struts#721</a></li> <li>Drops duplicated dependency by <a href="https://github.com/lukaszlenart";><code>@lukaszlenart</code></a> in <a href="https://redirect.github.com/apache/struts/pull/737";>apache/struts#737</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ervinpm";><code>@ervinpm</code></a> made their first contribution in <a href="https://redirect.github.com/apache/struts/pull/723";>apache/struts#723</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/apache/struts/compare/STRUTS_6_2_0...STRUTS_6_3_0";>https://github.com/apache/struts/compare/STRUTS_6_2_0...STRUTS_6_3_0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/apache/struts/commits";>compare view</a></li> </ul> </details> <br /> Updates `org.apache.struts:struts2-config-browser-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-convention-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-bean-validation-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-junit-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-jfreechart-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-json-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-spring-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-portlet-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-dwr-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-portlet-tiles-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-rest-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-tiles-plugin` from 6.2.0 to 6.3.0 Updates `org.apache.struts:struts2-jasperreports-plugin` from 6.2.0 to 6.3.0 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@struts.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
