Bump junit-jupiter-api from 5.8.2 to 5.9.0#692
Closed
dependabot[bot] wants to merge 38 commits intodevfrom
Closed
Conversation
Updating branch with latest changes
Adding client validation for email
Changing how the login and registration pages look to improve UX
* Adding a breakdown of points
* Fixing Some Levels, Upgrading Libraries, Enhancement to Tomcat and verifying fixes (#638) * publish to OWASP DockerHub * update readme to point to owasp shepherd * closes issue #620 * closes issue #622 * closes issue #624 * removing unused import * fixing linting issue * fixing some weirdness when running on docker where key doesn't get displayed properly * Bump fongo from 2.0.6 to 2.1.1 Bumps [fongo](https://github.com/fakemongo/fongo) from 2.0.6 to 2.1.1. - [Release notes](https://github.com/fakemongo/fongo/releases) - [Changelog](https://github.com/fakemongo/fongo/blob/master/CHANGELOG) - [Commits](fakemongo/fongo@fongo-2.0.6...fongo-2.1.1) --- updated-dependencies: - dependency-name: com.github.fakemongo:fongo dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump argon2-jvm from 2.2 to 2.11 Bumps [argon2-jvm](https://github.com/phxql/argon2-jvm) from 2.2 to 2.11. - [Release notes](https://github.com/phxql/argon2-jvm/releases) - [Changelog](https://github.com/phxql/argon2-jvm/blob/master/CHANGELOG.md) - [Commits](phxql/argon2-jvm@v2.2...v2.11) --- updated-dependencies: - dependency-name: de.mkammerer:argon2-jvm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-context from 5.1.1.RELEASE to 5.3.19 Bumps [spring-context](https://github.com/spring-projects/spring-framework) from 5.1.1.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.1.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-context dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-web from 5.3.16 to 5.3.19 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.16 to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.16...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump encoder from 1.2.1 to 1.2.3 Bumps [encoder](https://github.com/owasp/owasp-java-encoder) from 1.2.1 to 1.2.3. - [Release notes](https://github.com/owasp/owasp-java-encoder/releases) - [Commits](OWASP/owasp-java-encoder@v1.2.1...v1.2.3) --- updated-dependencies: - dependency-name: org.owasp.encoder:encoder dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump junit-jupiter-engine from 5.0.1 to 5.8.2 Bumps [junit-jupiter-engine](https://github.com/junit-team/junit5) from 5.0.1 to 5.8.2. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.0.1...r5.8.2) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mongo-java-driver from 3.4.1 to 3.12.10 Bumps [mongo-java-driver](https://github.com/mongodb/mongo-java-driver) from 3.4.1 to 3.12.10. - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r3.4.1...r3.12.10) --- updated-dependencies: - dependency-name: org.mongodb:mongo-java-driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fixing issue where csrf two and three crossover * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.3.3 Bumps spring-data-mongodb from 2.1.1.RELEASE to 3.3.3. --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-compiler-plugin from 3.8.1 to 3.10.1 Bumps [maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.8.1 to 3.10.1. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.8.1...maven-compiler-plugin-3.10.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Conforming to the way xxe challenge 1 is set up * cheats for xxe levels * fixing lint issue * Bump properties-maven-plugin from 1.0.0 to 1.1.0 Bumps [properties-maven-plugin](https://github.com/mojohaus/properties-maven-plugin) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/mojohaus/properties-maven-plugin/releases) - [Commits](mojohaus/properties-maven-plugin@properties-maven-plugin-1.0.0...properties-maven-plugin-1.1.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:properties-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump json from 20211205 to 20220320 Bumps [json](https://github.com/douglascrockford/JSON-java) from 20211205 to 20220320. - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](https://github.com/douglascrockford/JSON-java/commits) --- updated-dependencies: - dependency-name: org.json:json dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-test from 5.0.7.RELEASE to 5.3.19 Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.0.7.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.7.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-core from 5.0.11.RELEASE to 5.3.19 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.0.11.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.11.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-clean-plugin from 3.1.0 to 3.2.0 Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/apache/maven-clean-plugin/releases) - [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.1.0...maven-clean-plugin-3.2.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-clean-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump build-helper-maven-plugin from 3.0.0 to 3.3.0 Bumps [build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin) from 3.0.0 to 3.3.0. - [Release notes](https://github.com/mojohaus/build-helper-maven-plugin/releases) - [Commits](mojohaus/build-helper-maven-plugin@build-helper-maven-plugin-3.0.0...build-helper-maven-plugin-3.3.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:build-helper-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fixing csrf challenge 2 where id was not displayed and cheat had a typo * marking adjustments to CSRF levels to make them clearer * fixing lint issue * adjusting xxe * fixing lint issue * fixing lint issue * fixing lint issue * fixing lint issue * Revert "adjusting xxe" * fixing lint issue * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.3.4 Bumps spring-data-mongodb from 2.1.1.RELEASE to 3.3.4. --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mockito-core from 4.4.0 to 4.5.1 Bumps [mockito-core](https://github.com/mockito/mockito) from 4.4.0 to 4.5.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v4.4.0...v4.5.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mongo-java-driver from 3.12.10 to 3.12.11 Bumps [mongo-java-driver](https://github.com/mongodb/mongo-java-driver) from 3.12.10 to 3.12.11. - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r3.12.10...r3.12.11) --- updated-dependencies: - dependency-name: org.mongodb:mongo-java-driver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Increase maximum header size to allow proxy headers Increase the maxHttpHeaderSize to "65536" to allow oauth proxy headers Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Niemi <spencer.niemi@elastic.co> * Bump spring-test from 5.0.7.RELEASE to 5.3.20 Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.0.7.RELEASE to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.7.RELEASE...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump keytool-maven-plugin from 1.5 to 1.6 Bumps [keytool-maven-plugin](https://github.com/mojohaus/keytool) from 1.5 to 1.6. - [Release notes](https://github.com/mojohaus/keytool/releases) - [Commits](mojohaus/keytool@keytool-1.5...keytool-1.6) --- updated-dependencies: - dependency-name: org.codehaus.mojo:keytool-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.4.0 Bumps [spring-data-mongodb](https://github.com/spring-projects/spring-data-mongodb) from 2.1.1.RELEASE to 3.4.0. - [Release notes](https://github.com/spring-projects/spring-data-mongodb/releases) - [Commits](spring-projects/spring-data-mongodb@2.1.1.RELEASE...3.4.0) --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-core from 5.0.11.RELEASE to 5.3.20 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.0.11.RELEASE to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.11.RELEASE...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jsoup from 1.14.3 to 1.15.1 Bumps [jsoup](https://github.com/jhy/jsoup) from 1.14.3 to 1.15.1. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES) - [Commits](jhy/jsoup@jsoup-1.14.3...jsoup-1.15.1) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-web from 5.3.19 to 5.3.20 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-context from 5.3.19 to 5.3.20 Bumps [spring-context](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-context dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Niemi <spencer.niemi@elastic.co>
* Fixing Some Levels, Upgrading Libraries, Enhancement to Tomcat and verifying fixes (#638) * publish to OWASP DockerHub * update readme to point to owasp shepherd * closes issue #620 * closes issue #622 * closes issue #624 * removing unused import * fixing linting issue * fixing some weirdness when running on docker where key doesn't get displayed properly * Bump fongo from 2.0.6 to 2.1.1 Bumps [fongo](https://github.com/fakemongo/fongo) from 2.0.6 to 2.1.1. - [Release notes](https://github.com/fakemongo/fongo/releases) - [Changelog](https://github.com/fakemongo/fongo/blob/master/CHANGELOG) - [Commits](fakemongo/fongo@fongo-2.0.6...fongo-2.1.1) --- updated-dependencies: - dependency-name: com.github.fakemongo:fongo dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump argon2-jvm from 2.2 to 2.11 Bumps [argon2-jvm](https://github.com/phxql/argon2-jvm) from 2.2 to 2.11. - [Release notes](https://github.com/phxql/argon2-jvm/releases) - [Changelog](https://github.com/phxql/argon2-jvm/blob/master/CHANGELOG.md) - [Commits](phxql/argon2-jvm@v2.2...v2.11) --- updated-dependencies: - dependency-name: de.mkammerer:argon2-jvm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-context from 5.1.1.RELEASE to 5.3.19 Bumps [spring-context](https://github.com/spring-projects/spring-framework) from 5.1.1.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.1.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-context dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-web from 5.3.16 to 5.3.19 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.16 to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.16...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump encoder from 1.2.1 to 1.2.3 Bumps [encoder](https://github.com/owasp/owasp-java-encoder) from 1.2.1 to 1.2.3. - [Release notes](https://github.com/owasp/owasp-java-encoder/releases) - [Commits](OWASP/owasp-java-encoder@v1.2.1...v1.2.3) --- updated-dependencies: - dependency-name: org.owasp.encoder:encoder dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump junit-jupiter-engine from 5.0.1 to 5.8.2 Bumps [junit-jupiter-engine](https://github.com/junit-team/junit5) from 5.0.1 to 5.8.2. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.0.1...r5.8.2) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mongo-java-driver from 3.4.1 to 3.12.10 Bumps [mongo-java-driver](https://github.com/mongodb/mongo-java-driver) from 3.4.1 to 3.12.10. - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r3.4.1...r3.12.10) --- updated-dependencies: - dependency-name: org.mongodb:mongo-java-driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fixing issue where csrf two and three crossover * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.3.3 Bumps spring-data-mongodb from 2.1.1.RELEASE to 3.3.3. --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-compiler-plugin from 3.8.1 to 3.10.1 Bumps [maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.8.1 to 3.10.1. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.8.1...maven-compiler-plugin-3.10.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Conforming to the way xxe challenge 1 is set up * cheats for xxe levels * fixing lint issue * Bump properties-maven-plugin from 1.0.0 to 1.1.0 Bumps [properties-maven-plugin](https://github.com/mojohaus/properties-maven-plugin) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/mojohaus/properties-maven-plugin/releases) - [Commits](mojohaus/properties-maven-plugin@properties-maven-plugin-1.0.0...properties-maven-plugin-1.1.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:properties-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump json from 20211205 to 20220320 Bumps [json](https://github.com/douglascrockford/JSON-java) from 20211205 to 20220320. - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](https://github.com/douglascrockford/JSON-java/commits) --- updated-dependencies: - dependency-name: org.json:json dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-test from 5.0.7.RELEASE to 5.3.19 Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.0.7.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.7.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-core from 5.0.11.RELEASE to 5.3.19 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.0.11.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.11.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-clean-plugin from 3.1.0 to 3.2.0 Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/apache/maven-clean-plugin/releases) - [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.1.0...maven-clean-plugin-3.2.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-clean-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump build-helper-maven-plugin from 3.0.0 to 3.3.0 Bumps [build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin) from 3.0.0 to 3.3.0. - [Release notes](https://github.com/mojohaus/build-helper-maven-plugin/releases) - [Commits](mojohaus/build-helper-maven-plugin@build-helper-maven-plugin-3.0.0...build-helper-maven-plugin-3.3.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:build-helper-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fixing csrf challenge 2 where id was not displayed and cheat had a typo * marking adjustments to CSRF levels to make them clearer * fixing lint issue * adjusting xxe * fixing lint issue * fixing lint issue * fixing lint issue * fixing lint issue * Revert "adjusting xxe" * fixing lint issue * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.3.4 Bumps spring-data-mongodb from 2.1.1.RELEASE to 3.3.4. --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mockito-core from 4.4.0 to 4.5.1 Bumps [mockito-core](https://github.com/mockito/mockito) from 4.4.0 to 4.5.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v4.4.0...v4.5.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mongo-java-driver from 3.12.10 to 3.12.11 Bumps [mongo-java-driver](https://github.com/mongodb/mongo-java-driver) from 3.12.10 to 3.12.11. - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r3.12.10...r3.12.11) --- updated-dependencies: - dependency-name: org.mongodb:mongo-java-driver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Increase maximum header size to allow proxy headers Increase the maxHttpHeaderSize to "65536" to allow oauth proxy headers Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Niemi <spencer.niemi@elastic.co> * Bump spring-test from 5.0.7.RELEASE to 5.3.20 Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.0.7.RELEASE to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.7.RELEASE...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump keytool-maven-plugin from 1.5 to 1.6 Bumps [keytool-maven-plugin](https://github.com/mojohaus/keytool) from 1.5 to 1.6. - [Release notes](https://github.com/mojohaus/keytool/releases) - [Commits](mojohaus/keytool@keytool-1.5...keytool-1.6) --- updated-dependencies: - dependency-name: org.codehaus.mojo:keytool-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.4.0 Bumps [spring-data-mongodb](https://github.com/spring-projects/spring-data-mongodb) from 2.1.1.RELEASE to 3.4.0. - [Release notes](https://github.com/spring-projects/spring-data-mongodb/releases) - [Commits](spring-projects/spring-data-mongodb@2.1.1.RELEASE...3.4.0) --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-core from 5.0.11.RELEASE to 5.3.20 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.0.11.RELEASE to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.11.RELEASE...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jsoup from 1.14.3 to 1.15.1 Bumps [jsoup](https://github.com/jhy/jsoup) from 1.14.3 to 1.15.1. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES) - [Commits](jhy/jsoup@jsoup-1.14.3...jsoup-1.15.1) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-web from 5.3.19 to 5.3.20 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-context from 5.3.19 to 5.3.20 Bumps [spring-context](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-context dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Grabbing upstream changes (#29) * Fixing Some Levels, Upgrading Libraries, Enhancement to Tomcat and verifying fixes (#638) * publish to OWASP DockerHub * update readme to point to owasp shepherd * closes issue #620 * closes issue #622 * closes issue #624 * removing unused import * fixing linting issue * fixing some weirdness when running on docker where key doesn't get displayed properly * Bump fongo from 2.0.6 to 2.1.1 Bumps [fongo](https://github.com/fakemongo/fongo) from 2.0.6 to 2.1.1. - [Release notes](https://github.com/fakemongo/fongo/releases) - [Changelog](https://github.com/fakemongo/fongo/blob/master/CHANGELOG) - [Commits](fakemongo/fongo@fongo-2.0.6...fongo-2.1.1) --- updated-dependencies: - dependency-name: com.github.fakemongo:fongo dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump argon2-jvm from 2.2 to 2.11 Bumps [argon2-jvm](https://github.com/phxql/argon2-jvm) from 2.2 to 2.11. - [Release notes](https://github.com/phxql/argon2-jvm/releases) - [Changelog](https://github.com/phxql/argon2-jvm/blob/master/CHANGELOG.md) - [Commits](phxql/argon2-jvm@v2.2...v2.11) --- updated-dependencies: - dependency-name: de.mkammerer:argon2-jvm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-context from 5.1.1.RELEASE to 5.3.19 Bumps [spring-context](https://github.com/spring-projects/spring-framework) from 5.1.1.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.1.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-context dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-web from 5.3.16 to 5.3.19 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.16 to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.16...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump encoder from 1.2.1 to 1.2.3 Bumps [encoder](https://github.com/owasp/owasp-java-encoder) from 1.2.1 to 1.2.3. - [Release notes](https://github.com/owasp/owasp-java-encoder/releases) - [Commits](OWASP/owasp-java-encoder@v1.2.1...v1.2.3) --- updated-dependencies: - dependency-name: org.owasp.encoder:encoder dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump junit-jupiter-engine from 5.0.1 to 5.8.2 Bumps [junit-jupiter-engine](https://github.com/junit-team/junit5) from 5.0.1 to 5.8.2. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.0.1...r5.8.2) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mongo-java-driver from 3.4.1 to 3.12.10 Bumps [mongo-java-driver](https://github.com/mongodb/mongo-java-driver) from 3.4.1 to 3.12.10. - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r3.4.1...r3.12.10) --- updated-dependencies: - dependency-name: org.mongodb:mongo-java-driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fixing issue where csrf two and three crossover * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.3.3 Bumps spring-data-mongodb from 2.1.1.RELEASE to 3.3.3. --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-compiler-plugin from 3.8.1 to 3.10.1 Bumps [maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.8.1 to 3.10.1. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.8.1...maven-compiler-plugin-3.10.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Conforming to the way xxe challenge 1 is set up * cheats for xxe levels * fixing lint issue * Bump properties-maven-plugin from 1.0.0 to 1.1.0 Bumps [properties-maven-plugin](https://github.com/mojohaus/properties-maven-plugin) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/mojohaus/properties-maven-plugin/releases) - [Commits](mojohaus/properties-maven-plugin@properties-maven-plugin-1.0.0...properties-maven-plugin-1.1.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:properties-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump json from 20211205 to 20220320 Bumps [json](https://github.com/douglascrockford/JSON-java) from 20211205 to 20220320. - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](https://github.com/douglascrockford/JSON-java/commits) --- updated-dependencies: - dependency-name: org.json:json dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-test from 5.0.7.RELEASE to 5.3.19 Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.0.7.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.7.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-core from 5.0.11.RELEASE to 5.3.19 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.0.11.RELEASE to 5.3.19. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.11.RELEASE...v5.3.19) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven-clean-plugin from 3.1.0 to 3.2.0 Bumps [maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/apache/maven-clean-plugin/releases) - [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.1.0...maven-clean-plugin-3.2.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-clean-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump build-helper-maven-plugin from 3.0.0 to 3.3.0 Bumps [build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin) from 3.0.0 to 3.3.0. - [Release notes](https://github.com/mojohaus/build-helper-maven-plugin/releases) - [Commits](mojohaus/build-helper-maven-plugin@build-helper-maven-plugin-3.0.0...build-helper-maven-plugin-3.3.0) --- updated-dependencies: - dependency-name: org.codehaus.mojo:build-helper-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fixing csrf challenge 2 where id was not displayed and cheat had a typo * marking adjustments to CSRF levels to make them clearer * fixing lint issue * adjusting xxe * fixing lint issue * fixing lint issue * fixing lint issue * fixing lint issue * Revert "adjusting xxe" * fixing lint issue * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.3.4 Bumps spring-data-mongodb from 2.1.1.RELEASE to 3.3.4. --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mockito-core from 4.4.0 to 4.5.1 Bumps [mockito-core](https://github.com/mockito/mockito) from 4.4.0 to 4.5.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v4.4.0...v4.5.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mongo-java-driver from 3.12.10 to 3.12.11 Bumps [mongo-java-driver](https://github.com/mongodb/mongo-java-driver) from 3.12.10 to 3.12.11. - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r3.12.10...r3.12.11) --- updated-dependencies: - dependency-name: org.mongodb:mongo-java-driver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Increase maximum header size to allow proxy headers Increase the maxHttpHeaderSize to "65536" to allow oauth proxy headers Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Niemi <spencer.niemi@elastic.co> * Bump spring-test from 5.0.7.RELEASE to 5.3.20 Bumps [spring-test](https://github.com/spring-projects/spring-framework) from 5.0.7.RELEASE to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.7.RELEASE...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-test dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump keytool-maven-plugin from 1.5 to 1.6 Bumps [keytool-maven-plugin](https://github.com/mojohaus/keytool) from 1.5 to 1.6. - [Release notes](https://github.com/mojohaus/keytool/releases) - [Commits](mojohaus/keytool@keytool-1.5...keytool-1.6) --- updated-dependencies: - dependency-name: org.codehaus.mojo:keytool-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-data-mongodb from 2.1.1.RELEASE to 3.4.0 Bumps [spring-data-mongodb](https://github.com/spring-projects/spring-data-mongodb) from 2.1.1.RELEASE to 3.4.0. - [Release notes](https://github.com/spring-projects/spring-data-mongodb/releases) - [Commits](spring-projects/spring-data-mongodb@2.1.1.RELEASE...3.4.0) --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-mongodb dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-core from 5.0.11.RELEASE to 5.3.20 Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.0.11.RELEASE to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.0.11.RELEASE...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jsoup from 1.14.3 to 1.15.1 Bumps [jsoup](https://github.com/jhy/jsoup) from 1.14.3 to 1.15.1. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES) - [Commits](jhy/jsoup@jsoup-1.14.3...jsoup-1.15.1) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-web from 5.3.19 to 5.3.20 Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-web dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump spring-context from 5.3.19 to 5.3.20 Bumps [spring-context](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.19...v5.3.20) --- updated-dependencies: - dependency-name: org.springframework:spring-context dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Niemi <spencer.niemi@elastic.co> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Niemi <spencer.niemi@elastic.co>
…by splitting out the levels. Adding a small check to not reveal key from both levels. fixes issue #652
Bumps [junit-jupiter-api](https://github.com/junit-team/junit5) from 5.8.2 to 5.9.0. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.8.2...r5.9.0) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Add a GitHub workflow for Build/Pushing the Dev container images
Add id-token permissions to enable federated workload identity, use GH Secrets
Add id-token "write"
Add java setup and maven steps
Create tmate session for debugging
Run tmate when previous steps fail
Comment out tmate debugging code
Bumps [docker-maven-plugin](https://github.com/fabric8io/docker-maven-plugin) from 0.40.1 to 0.40.2. - [Release notes](https://github.com/fabric8io/docker-maven-plugin/releases) - [Changelog](https://github.com/fabric8io/docker-maven-plugin/blob/master/doc/changelog.md) - [Commits](fabric8io/docker-maven-plugin@v0.40.1...v0.40.2) --- updated-dependencies: - dependency-name: io.fabric8:docker-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
|
A newer version of org.junit.jupiter:junit-jupiter-api exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
Member
|
@dependabot rebase |
Contributor
Author
|
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
Member
|
@dependabot recreate |
Contributor
Author
|
Superseded by #723. |
dependabot
bot
deleted the
dependabot/maven/org.junit.jupiter-junit-jupiter-api-5.9.0
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps junit-jupiter-api from 5.8.2 to 5.9.0.
Release notes
Sourced from junit-jupiter-api's releases.
Commits
3ed71dfRelease 5.9d3f8e4aPrepare 5.9 release notes2aaf24cImprove debug mode detection in JUnit Jupiter (#2973)be55668Use suite events for more accurate reporting (#2985)5fdb138Fix@ArgumentsSourceannotation name in user guide (#2980)5407208Bump com.gradle.enterprise from 3.10.2 to 3.10.3 (#2981)e91e5dcIntroduce AssertionFailureBuilder (#2972)08b102cUpgradle to 7.549ca772Polish Javadoc for@EnabledIfand@DisabledIfdafaabfStabilize test on WindowsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)