From 92d1cc7a29e8dd4e68f70acffaaa356357c6992f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Sep 2025 09:59:30 +0000 Subject: [PATCH 1/2] Bump the gradle-version-updates group across 1 directory with 5 updates Bumps the gradle-version-updates group with 3 updates in the /hooks/persistence-defectdojo/hook directory: [org.springframework:spring-web](https://github.com/spring-projects/spring-framework), [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) and com.fasterxml.jackson.datatype:jackson-datatype-jsr310. Updates `org.springframework:spring-web` from 6.2.10 to 6.2.11 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.10...v6.2.11) Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20.0 - [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.19.2...jackson-core-2.20.0) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.20.0 Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.datatype:jackson-datatype-jsr310` from 2.19.2 to 2.20.0 --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-version: 6.2.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gradle-version-updates - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310 dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gradle-version-updates ... Signed-off-by: dependabot[bot] --- hooks/persistence-defectdojo/hook/build.gradle | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle index de30dd3f24..15bd577046 100644 --- a/hooks/persistence-defectdojo/hook/build.gradle +++ b/hooks/persistence-defectdojo/hook/build.gradle @@ -24,11 +24,11 @@ repositories { dependencies { implementation group: "io.securecodebox", name: "defectdojo-client", version: "2.0.1" implementation group: "io.kubernetes", name: "client-java", version: "20.0.1" - implementation group: "org.springframework", name: "spring-web", version: "6.2.10" - implementation group: "com.fasterxml.jackson.core", name: "jackson-core", version: "2.19.2" - implementation group: "com.fasterxml.jackson.core", name: "jackson-annotations", version: "2.19.2" - implementation group: "com.fasterxml.jackson.core", name: "jackson-databind", version: "2.19.2" - implementation group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.19.2" + implementation group: "org.springframework", name: "spring-web", version: "6.2.11" + implementation group: "com.fasterxml.jackson.core", name: "jackson-core", version: "2.20.0" + implementation group: "com.fasterxml.jackson.core", name: "jackson-annotations", version: "2.20.0" + implementation group: "com.fasterxml.jackson.core", name: "jackson-databind", version: "2.20.0" + implementation group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.20.0" implementation group: "org.slf4j", name: "slf4j-api", version: "2.0.17" implementation group: "org.slf4j", name: "slf4j-log4j12", version: "2.0.17" // If I try to notate this like the others (with separate strings) I got errors. No idea why sh... Gradle From 2b9208ce24cb07e24fe9100b470f59f1952772f2 Mon Sep 17 00:00:00 2001 From: Weltraumschaf Date: Tue, 16 Sep 2025 15:04:22 +0200 Subject: [PATCH 2/2] Use Jackson BOM For Consistent Dependencies Signed-off-by: Weltraumschaf --- hooks/persistence-defectdojo/hook/build.gradle | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle index 15bd577046..9e1d963745 100644 --- a/hooks/persistence-defectdojo/hook/build.gradle +++ b/hooks/persistence-defectdojo/hook/build.gradle @@ -25,10 +25,12 @@ dependencies { implementation group: "io.securecodebox", name: "defectdojo-client", version: "2.0.1" implementation group: "io.kubernetes", name: "client-java", version: "20.0.1" implementation group: "org.springframework", name: "spring-web", version: "6.2.11" - implementation group: "com.fasterxml.jackson.core", name: "jackson-core", version: "2.20.0" - implementation group: "com.fasterxml.jackson.core", name: "jackson-annotations", version: "2.20.0" - implementation group: "com.fasterxml.jackson.core", name: "jackson-databind", version: "2.20.0" - implementation group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.20.0" + // https://github.com/FasterXML/jackson-bom + implementation platform("com.fasterxml.jackson:jackson-bom:2.20.0") + implementation "com.fasterxml.jackson.core:jackson-core" + implementation "com.fasterxml.jackson.core:jackson-annotations" + implementation "com.fasterxml.jackson.core:jackson-databind" + implementation "com.fasterxml.jackson.datatype:jackson-datatype-jsr310" implementation group: "org.slf4j", name: "slf4j-api", version: "2.0.17" implementation group: "org.slf4j", name: "slf4j-log4j12", version: "2.0.17" // If I try to notate this like the others (with separate strings) I got errors. No idea why sh... Gradle