(struts) branch dependabot/maven/jackson.version-2.18.0 created (now 1f2f3827a)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/maven/jackson.version-2.18.0
in repository https://gitbox.apache.org/repos/asf/struts.git


  at 1f2f3827a Bump jackson.version from 2.17.2 to 2.18.0

No new revisions were added by this update.

(struts) branch dependabot/maven/org.mockito-mockito-core-4.11.0 created (now af87d860d)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/org.mockito-mockito-core-4.11.0
in repository https://gitbox.apache.org/repos/asf/struts.git


  at af87d860d Bump org.mockito:mockito-core from 4.3.1 to 4.11.0

No new revisions were added by this update.

(struts) branch dependabot/maven/log4j2.version-2.24.0 deleted (was 877691d3b)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/maven/log4j2.version-2.24.0
in repository https://gitbox.apache.org/repos/asf/struts.git


 was 877691d3b Bump log4j2.version from 2.23.1 to 2.24.0

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.

(struts) branch dependabot/maven/log4j2.version-2.24.1 created (now 4ccde0087)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/maven/log4j2.version-2.24.1
in repository https://gitbox.apache.org/repos/asf/struts.git


  at 4ccde0087 Bump log4j2.version from 2.23.1 to 2.24.1

No new revisions were added by this update.

(struts) branch dependabot/github_actions/github/codeql-action-3.26.9 created (now abc05b3e8)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/github_actions/github/codeql-action-3.26.9
in repository https://gitbox.apache.org/repos/asf/struts.git


  at abc05b3e8 Bump github/codeql-action from 3.26.8 to 3.26.9

No new revisions were added by this update.

(struts) branch dependabot/maven/org.apache.maven.plugins-maven-project-info-reports-plugin-3.7.0 created (now 9d903ddf9)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/org.apache.maven.plugins-maven-project-info-reports-plugin-3.7.0
in repository https://gitbox.apache.org/repos/asf/struts.git


  at 9d903ddf9 Bump 
org.apache.maven.plugins:maven-project-info-reports-plugin

No new revisions were added by this update.

(struts) branch dependabot/maven/commons-logging-commons-logging-1.3.4 created (now 7473b4cef)

2024-09-30 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/commons-logging-commons-logging-1.3.4
in repository https://gitbox.apache.org/repos/asf/struts.git


  at 7473b4cef Bump commons-logging:commons-logging from 1.3.3 to 1.3.4

No new revisions were added by this update.

(struts) 01/01: Merge pull request #1060 from apache/fix/WW-5297-invalid-session

2024-09-30 Thread lukaszlenart 
This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git

commit 75cc664fdae4a895e6d9140845fa82901d0db685
Merge: 48c4e3b6a 0bd4266d2
Author: Lukasz Lenart 
AuthorDate: Tue Oct 1 06:44:58 2024 +0200

Merge pull request #1060 from apache/fix/WW-5297-invalid-session

WW-5297 Fixes checking nonce of invalidated session

 .../java/org/apache/struts2/components/UIBean.java |  8 +++-
 .../org/apache/struts2/components/UIBeanTest.java  | 43 +++---
 .../struts2/views/java/simple/AbstractTest.java| 11 ++
 .../apache/struts2/views/java/simple/HeadTest.java |  2 +-
 .../apache/struts2/views/java/simple/LinkTest.java | 18 ++---
 .../struts2/views/java/simple/ScriptTest.java  | 12 --
 6 files changed, 59 insertions(+), 35 deletions(-)

(struts) branch master updated (48c4e3b6a -> 75cc664fd)

2024-09-30 Thread lukaszlenart 
This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git


from 48c4e3b6a Merge pull request #1058 from 
apache/dependabot/github_actions/github/codeql-action-3.26.8
 add 0bd4266d2 WW-5297 Fixes checking nonce of invalidated session
 new 75cc664fd Merge pull request #1060 from 
apache/fix/WW-5297-invalid-session

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../java/org/apache/struts2/components/UIBean.java |  8 +++-
 .../org/apache/struts2/components/UIBeanTest.java  | 43 +++---
 .../struts2/views/java/simple/AbstractTest.java| 11 ++
 .../apache/struts2/views/java/simple/HeadTest.java |  2 +-
 .../apache/struts2/views/java/simple/LinkTest.java | 18 ++---
 .../struts2/views/java/simple/ScriptTest.java  | 12 --
 6 files changed, 59 insertions(+), 35 deletions(-)

(struts) branch fix/WW-5297-invalid-session deleted (was 0bd4266d2)

2024-09-30 Thread lukaszlenart 
This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch fix/WW-5297-invalid-session
in repository https://gitbox.apache.org/repos/asf/struts.git


 was 0bd4266d2 WW-5297 Fixes checking nonce of invalidated session

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.

Build failed in Jenkins: Struts ยป Struts-master-JDK8-dependency-check #208

2024-09-30 Thread Apache Jenkins Server 
See 


Changes:

[github] Bump org.apache.maven.plugins:maven-site-plugin from 3.12.1 to 3.20.0

[github] Bump org.owasp:dependency-check-maven from 10.0.3 to 10.0.4

[github] Bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.1

[github] Bump github/codeql-action from 3.26.6 to 3.26.8

[Lukasz Lenart] WW-5297 Fixes checking nonce of invalidated session


--
[...truncated 950.40 KB...]
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2012-0838, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2013-1965, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2013-1966, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2013-2115, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2013-2134, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2013-2135, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2014-0094, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2014-0113, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2015-5169, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2016-0785, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-core@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2016-4003, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.struts/struts\-annotations@.*$,
 regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:struts, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{gav=PropertyType{value=^org\.apache\.struts:struts\-tiles\:1\.3\.8.*$,
 regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:struts, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{gav=PropertyType{value=^org\.apache\.struts:struts\-taglib\:1\.3\.8.*$,
 regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:struts, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/dom4j/dom4j@.*$, 
regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2018-1000632, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.beanshell/bsh@.*$,
 regex=true, 
caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2016-2510, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.oval/oval@.*$,
 regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:groovy, 
regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: 
Su