Bump the maven group across 2 directories with 4 updates
Visual Automation IDE — automate anything you see on screen
Brought to you by:
julienmer
Menu
▾
▴
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name=""> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name=""> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name=""> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name="">` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name="">` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name=""> <ignore condition="">` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/julienmerconsulting/SikuliX_VNC_optimized/network/alerts). </ignore></dependency></dependency></dependency></dependency></dependency></dependency>
#1 Bump the maven group across 2 directories with 4 updates
Originally created by: dependabot[bot]
Bumps the maven group with 3 updates in the /IDE directory: io.undertow:undertow-core (github.com), com.fasterxml.jackson.core:jackson-core (github.com) and com.fasterxml.jackson.core:jackson-databind (github.com).
Bumps the maven group with 1 update in the /API directory: org.apache.commons:commons-lang3.
Updates io.undertow:undertow-core from 2.2.25.Final to 2.3.21.Final
Release notes
Sourced from io.undertow:undertow-core's releases (github.com).
v2.3.21.Final
Release 2.3.21.Final (issues.redhat.com) fixes CVE-2024-3884 CVE-2024-4027 CVE-2025-12543 Full list of Jiras: view in Jira
Release Notes - Undertow - Version 2.3.21.Final
... (truncated)
Commits
791c908Prepare 2.3.21.Final5374f57Merge pull request #1862](https://github.com/href="https://redirect.github.com/undertow-io/undertow/issues/1862">/issues/1862) from fl4via/backport-fixes_2.3.x7e25c8f[UNDERTOW-2609] Fix the since version in the@Deprecatedannotation at HttpSe...bd97428[UNDERTOW-2662] Remove the option to disable the RFC 6265 cookie parsing and ...e45da52Revert "[UNDERTOW-2675] Replace the new UndertowOptions by system properties ...f60b476Temporarily revert "[UNDERTOW-2662] Remove the option to disable the RFC 6265...e47fed7Temporarily revert "[UNDERTOW-2609] Fix the since version in the@Deprecated...6484e91Merge pull request #1861](https://github.com/href="https://redirect.github.com/undertow-io/undertow/issues/1861">/issues/1861) from fl4via/backport-fixes_2.3.x6e4b999[UNDERTOW-2609] Fix the since version in the@Deprecatedannotation at HttpSe...2a7d993[UNDERTOW-2421] Consolidate cookie attrib code and add support to attributes ...- Additional commits viewable in compare view
Updates com.fasterxml.jackson.core:jackson-core from 2.9.10 to 2.18.6
Commits
9a46ef8[maven-release-plugin] prepare release jackson-core-2.18.65f192dbPrep for 2.18.6 releaseb0c428eEnforceStreamReadConstraints.maxNumberLengthfor non-blocking (async) pars...7c8b6d5Add test for nesting forDataInput-backedJsonParser(#1550](https://github.com/href="https://redirect.github.com/FasterXML/jackson-core/issues/1550">/issues/1550))97a647bUpdate CI: JDK 23 -> 251601331(backport from 2.21) Fix #1548](https://github.com/href="https://redirect.github.com/FasterXML/jackson-core/issues/1548">/issues/1548): validate max doc length for fixed buffer inpu...fae2542release notes update70c99baUpdate UTF8DataInputJsonParser.java (#1512](https://github.com/href="https://redirect.github.com/FasterXML/jackson-core/issues/1512">/issues/1512))caea665Post-release dep version bump635d3bd[maven-release-plugin] prepare for next development iteration- Additional commits viewable in compare view
Updates com.fasterxml.jackson.core:jackson-databind from 2.12.6.1 to 2.12.7.1
Commits
- See full diff in compare view
Updates org.apache.commons:commons-lang3 from 3.9 to 3.18.0
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name=""> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name=""> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name=""> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name="">` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name="">` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name=""> <ignore condition="">` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/julienmerconsulting/SikuliX_VNC_optimized/network/alerts). </ignore></dependency></dependency></dependency></dependency></dependency></dependency>
Related
Originally posted by: dependabot[bot]
Looks like these dependencies are updatable in another way, so this is no longer needed.
Ticket changed by: dependabot[bot]
Originally posted by: julienmerconsulting
@dependabot rebase
Originally posted by: dependabot[bot]
Looks like this PR is closed. If the branch still exists, you can re-open the PR and then use
@dependabot rebaseor@dependabot recreate. If the branch was deleted, Dependabot will create a new PR on the next scheduled run, or you can trigger an update from the Dependency graph page.Originally posted by: julienmerconsulting
@dependabot rebase
Originally posted by: dependabot[bot]
Looks like this PR is closed. If the branch still exists, you can re-open the PR and then use
@dependabot rebaseor@dependabot recreate. If the branch was deleted, Dependabot will create a new PR on the next scheduled run, or you can trigger an update from the Dependency graph page.Originally posted by: julienmerconsulting
@dependabot rebase
Originally posted by: dependabot[bot]
Looks like this PR is closed. If the branch still exists, you can re-open the PR and then use
@dependabot rebaseor@dependabot recreate. If the branch was deleted, Dependabot will create a new PR on the next scheduled run, or you can trigger an update from the Dependency graph page.Originally posted by: julienmerconsulting
open
Originally posted by: julienmerconsulting
@dependabot rebase
Originally posted by: dependabot[bot]
Looks like this PR is closed. If the branch still exists, you can re-open the PR and then use
@dependabot rebaseor@dependabot recreate. If the branch was deleted, Dependabot will create a new PR on the next scheduled run, or you can trigger an update from the Dependency graph page.