DAOS-18530 java: bump assertj-core from 3.19.0 to 3.27.7 #17455
Conversation
dependabot
bot
added
dependencies
dependabot
bot
added
dependencies
|
Ticket title is 'Java: AssertJ has XXE vulnerability' |
|
Test stage NLT on EL 8.8 completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-17455/1/testReport/ |
|
@dependabot rebase |
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.19.0 to 3.27.7. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-core-3.19.0...assertj-build-3.27.7) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/maven/src/client/java/hadoop-daos/org.assertj-assertj-core-3.27.7
branch
from
89744ae to
af2417b
Compare
|
Test stage NLT on EL 8.8 completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-17455/2/testReport/ |
|
Test stage Functional Hardware Medium Verbs Provider MD on SSD completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-17455/2/execution/node/1313/log |
daltonbohning
changed the title
|
NLT and the failing tests do not use Java |
2 participants
Bumps org.assertj:assertj-core from 3.19.0 to 3.27.7.
Release notes
Sourced from org.assertj:assertj-core's releases.
... (truncated)
Commits
e840716[maven-release-plugin] prepare release assertj-build-3.27.785ca7ebDeprecateXmlStringPrettyFormatter77081dcMerge commit from forkb68fc24Bump github/codeql-action from 4.31.9 to 4.31.10 in the github-actions group ...0cf5bb6Bumpkotlin.versionfrom 2.1.0 to 2.2.21d393ef1Abort tests when symbolic links cannot be created (#3788)2212433Add IntelliJ custom inspection for test class names5717d02Update JetBrains icona8ec20bAdd icon for JetBrains productsc05fb3dBump Maven to 3.9.12 and Wrapper to 3.3.4Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.