Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Mend: high confidence minor and patch dependency updates #2

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Mend: high confidence minor and patch dependency updates #2

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Feb 1, 2024
edited

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.google.code.gson:gson 2.8.2 -> 2.8.9 age adoption passing confidence
commons-validator:commons-validator (source) 1.6 -> 1.9.0 age adoption passing confidence
commons-codec:commons-codec (source) 1.13 -> 1.17.0 age adoption passing confidence
org.apache.httpcomponents:httpclient 4.5.13 -> 4.5.14 age adoption passing confidence

By merging this PR, the issue #6 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
High High 7.7 WS-2021-0419
High High 7.5 CVE-2022-25647

Release Notes

google/gson (com.google.code.gson:gson)

v2.8.9

v2.8.8

v2.8.7

v2.8.6

2019-10-04 GitHub Diff

  • Added static methods JsonParser.parseString and JsonParser.parseReader and deprecated instance method JsonParser.parse
  • Java 9 module-info support

v2.8.5

2018-05-21 GitHub Diff

  • Print Gson version while throwing AssertionError and IllegalArgumentException
  • Moved utils.VersionUtils class to internal.JavaVersion. This is a potential backward incompatible change from 2.8.4
  • Fixed issue https://github.com/google/gson/issues/1310 by supporting Debian Java 9

v2.8.4

2018-05-01 GitHub Diff

  • Added a new FieldNamingPolicy, LOWER_CASE_WITH_DOTS that mapps JSON name someFieldName to some.field.name
  • Fixed issue https://github.com/google/gson/issues/1305 by removing compile/runtime dependency on sun.misc.Unsafe

v2.8.3

2018-04-27 GitHub Diff

  • Added a new API, GsonBuilder.newBuilder() that clones the current builder
  • Preserving DateFormatter behavior on JDK 9
  • Numerous other bugfixes
apache/commons-codec (commons-codec:commons-codec)

v1.17.0

The Apache Commons Codec component contains encoders and decoders for
various formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.

Feature and fix release. Requires a minimum of Java 8.

v1.16.1

The Apache Commons Codec component contains encoders and decoders for
various formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.

Feature and fix release. Requires a minimum of Java 8.

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from a0d5280 to b6eebbf Compare February 1, 2024 13:56
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from 9d98c54 to 1f69ead Compare February 11, 2024 06:44
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 2 times, most recently from ea0f20c to 9ef72e1 Compare February 29, 2024 06:06
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 9ef72e1 to b02add2 Compare April 3, 2024 03:51
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from b02add2 to 17bc5d0 Compare April 28, 2024 00:40
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 17bc5d0 to 847f7cd Compare May 5, 2024 18:33
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 4 times, most recently from db87833 to a2e23c4 Compare May 20, 2024 06:14
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from a2e23c4 to cde1ce5 Compare May 29, 2024 05:37
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from cde1ce5 to c128532 Compare May 30, 2024 05:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants