cf-java-component

cf-java-component copied to clipboard

Bumps [snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) from 1.12 to 1.31. Commits a3e641b Remove unused code for comments d2ed568 Remove unused code ab76f86 Add @​Deprecated annotation to constructs marked with @​deprecated javadoc. bc7869b Make billionLaughsAttackTest.billionLaughsAttackExpanded()...

dependabot[bot]

Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.2.2 to 2.12.6.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [spring-boot-starter-web](https://github.com/spring-projects/spring-boot) from 1.0.0.RC4 to 2.5.12. Release notes Sourced from spring-boot-starter-web's releases. v2.5.12 :lady_beetle: Bug Fixes MustacheAutoConfiguration in a Servlet web application fails with a ClassNotFoundException when Spring MVC is...

dependabot[bot]

Is anyone maintaining this codebase? Looks like these are security vulnerabilties / CVEs that need to be patched?

atom888888

[Snyk] Upgrade org.testng:testng from 6.9.10 to 6.14.3

1

Snyk has created this PR to upgrade org.testng:testng from 6.9.10 to 6.14.3. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify...

snyk-bot

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.2.2 to 2.12.4

1

Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.2.2 to 2.12.4. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify...

snyk-bot

Bump netty-all from 4.0.27.Final to 4.1.42.Final

1

Bumps [netty-all](https://github.com/netty/netty) from 4.0.27.Final to 4.1.42.Final. Commits - [`bd907c3`](https://github.com/netty/netty/commit/bd907c3b3acf3d746ad1143270224aa0f784cd1b) [maven-release-plugin] prepare release netty-4.1.42.Final - [`2791f0f`](https://github.com/netty/netty/commit/2791f0fefac82663ca09dc8aa5dda024152c92f8) Avoid use of global AtomicLong for ScheduledFutureTask ids ([#9599](https://github-redirect.dependabot.com/netty/netty/issues/9599)) - [`86ff76a`](https://github.com/netty/netty/commit/86ff76a4f77662fe1bf61deeec5f3e39e16d4020) Fix incorrect comment ([#9598](https://github-redirect.dependabot.com/netty/netty/issues/9598))...

dependabot[bot]

Bump httpclient from 4.3.6 to 4.5.13

1

Bumps httpclient from 4.3.6 to 4.5.13. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependabot[bot]

Bump logback-classic from 1.0.13 to 1.2.0

1

Bumps logback-classic from 1.0.13 to 1.2.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependabot[bot]

Snyk has created this PR to upgrade org.yaml:snakeyaml from 1.12 to 1.29. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify...

snyk-bot