(struts) branch dependabot/maven/ognl-ognl-3.4.2 updated (9cc833764 -> 503a4827e)

[github-bot]

This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/maven/ognl-ognl-3.4.2
in repository https://gitbox.apache.org/repos/asf/struts.git


 discard 9cc833764 Bump ognl:ognl from 3.3.4 to 3.4.2
     add e8562c78d Bump org.owasp:dependency-check-maven from 7.2.0 to 8.4.2
     add fc5d1cabe Merge pull request #771 from 
apache/dependabot/maven/org.owasp-dependency-check-maven-8.4.2
     add 5bcf9e785 Improved charset retrieval to get only once.
     add afe31cc01 Update 
core/src/main/java/org/apache/struts2/url/StrutsUrlDecoder.java
     add faa98d7af Update 
core/src/main/java/org/apache/struts2/url/StrutsUrlDecoder.java
     add b15b83dd0 Merge pull request #773 from 
mygreen/improve-urldecoder-peformance
     add c2aec9c07 WW-5358 Expand exclusion lists
     add bd388956c Merge pull request #774 from apache/WW-5358-excl-list
     add 3ef0aa709 Bump ossf/scorecard-action from 2.3.0 to 2.3.1
     add 574da8111 Merge pull request #775 from 
apache/dependabot/github_actions/ossf/scorecard-action-2.3.1
     add f13284832 Bump junit:junit from 4.13.1 to 4.13.2
     add 48b0c1173 Merge pull request #776 from 
apache/dependabot/maven/junit-junit-4.13.2
     add 453130666 Bump org.jacoco:jacoco-maven-plugin from 0.8.8 to 0.8.11
     add 56fc1ddc5 Merge pull request #777 from 
apache/dependabot/maven/org.jacoco-jacoco-maven-plugin-0.8.11
     add 72d617012 Bump slf4j.version from 2.0.7 to 2.0.9
     add d8bc96d17 Merge pull request #783 from 
apache/dependabot/maven/slf4j.version-2.0.9
     add 601fb0ff5 Bump net.sf.jasperreports:jasperreports from 6.20.5 to 6.20.6
     add f511034ac Merge pull request #784 from 
apache/dependabot/maven/net.sf.jasperreports-jasperreports-6.20.6
     add 503a4827e Bump ognl:ognl from 3.3.4 to 3.4.2

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (9cc833764)
            \
             N -- N -- N   refs/heads/dependabot/maven/ognl-ognl-3.4.2 
(503a4827e)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

No new revisions were added by this update.

Summary of changes:
 .github/workflows/scorecards-analysis.yaml         |   2 +-
 .../org/apache/struts2/url/StrutsUrlDecoder.java   |   5 +-
 .../src/main/resources/struts-excluded-classes.xml | 103 +++++++++++++--------
 plugins/jasperreports/pom.xml                      |   2 +-
 pom.xml                                            |   8 +-
 5 files changed, 75 insertions(+), 45 deletions(-)