Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set release version to 3.5.5 #1653

Merged
merged 1 commit into from
Nov 26, 2024
Merged

Set release version to 3.5.5 #1653

merged 1 commit into from
Nov 26, 2024

Conversation

kuntzed
Copy link
Collaborator

@kuntzed kuntzed commented Nov 21, 2024
edited
Loading

Release 3.5.5:

  • [token-client] Support CRLF line-endings in PEM formatted service keys

Dependency upgrades:

  • Bump org.apache.httpcomponents.client5:httpclient5 from 5.3.1 to 5.4.1
  • Bump io.projectreactor:reactor-test from 3.6.9 to 3.7.0
  • Update spring versions
    • core to 6.2.0
    • boot to 3.4.0
    • security to 6.4.1
  • Bump org.wiremock:wiremock-standalone from 3.9.1 to 3.9.2
  • Bump uk.org.webcompere:system-stubs-jupiter from 2.1.6 to 2.1.7
  • Bump com.nimbusds:nimbus-jose-jwt from 9.40 to 9.47
  • Bump com.sap.cloud.environment.servicebinding:java-bom from 0.10.5 to 0.20.0
  • Bump log4j2.version from 2.24.1 to 2.24.2
  • Bump org.apache.maven.plugins:maven-pmd-plugin from 3.24.0 to 3.26.0
  • Bump org.apache.maven.plugins:maven-source-plugin from 3.2.1 to 3.3.1
  • Bump net.revelc.code:impsort-maven-plugin from 1.11.0 to 1.12.0
  • Bump org.owasp:dependency-check-maven from 10.0.3 to 11.1.0
  • Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.7
  • Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.11.1
  • Bump org.apache.maven.plugins:maven-surefire-plugin from 3.4.0 to 3.5.2
  • Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.2 to 4.8.6.6
  • Bump commons-io:commons-io from 2.16.1 to 2.18.0

@kuntzed kuntzed requested a review from finkmanAtSap November 21, 2024 14:22
@koooooo7
Copy link

koooooo7 commented Nov 22, 2024
edited
Loading

Hi @kuntzed , Please consider to upgrade those outdate dependencies for spring-security-* security issues cve-2024-38827 either, thx in advance.

@kuntzed kuntzed force-pushed the release_355 branch 4 times, most recently from fe33737 to a94f82d Compare November 25, 2024 10:04
@kuntzed kuntzed merged commit e9bf935 into main Nov 26, 2024
5 checks passed
@kuntzed kuntzed deleted the release_355 branch November 26, 2024 09:13
finkmanAtSap pushed a commit that referenced this pull request Jan 10, 2025
@kuntzed @finkmanAtSap
Set release version to 3.5.5 (#1653)
4a91914
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@finkmanAtSap finkmanAtSap finkmanAtSap approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kuntzed @koooooo7 @finkmanAtSap