Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependabot config and update dependencies where possible #1346

Merged
merged 24 commits into from
Jun 13, 2024
Merged

Update dependabot config and update dependencies where possible #1346

merged 24 commits into from
Jun 13, 2024

Conversation

marko-bekhta
Copy link
Member

@marko-bekhta marko-bekhta commented Apr 18, 2024
edited
Loading

Hey @gsmet 😃

after opening #1344 because of the issues building the project when using the JDK 21 and doing the SM removal work in #1345 I thought that maybe we should enable dependabot and keep the build of the Validator more up to date so it'll be more straightforward to address any build issues rather than waiting for them to pileup...

I've used the similar dependabot config that we have in the Search.
The only thing I couldn't upgrade is Wildfly because of jbossas/patch-gen#34 😔 but it looks like that project is a bit stale 😔😔😔

https://hibernate.atlassian.net/browse/HV-1977
https://hibernate.atlassian.net/browse/HV-1974
https://hibernate.atlassian.net/browse/HV-1985
https://hibernate.atlassian.net/browse/HV-1981
https://hibernate.atlassian.net/browse/HV-1983
https://hibernate.atlassian.net/browse/HV-1982
https://hibernate.atlassian.net/browse/HV-1980
https://hibernate.atlassian.net/browse/HV-1979
https://hibernate.atlassian.net/browse/HV-1991
https://hibernate.atlassian.net/browse/HV-1992

@hibernate-github-bot
Copy link

hibernate-github-bot bot commented Apr 18, 2024
edited
Loading

Thanks for your pull request!

This pull request does not follow the contribution rules. Could you have a look?

❌ All commit messages should start with a JIRA issue key matching pattern HV-\d+
    ↳ Offending commits: [3c225c3, 42d15df]

› This message was automatically generated.

@gsmet
Copy link
Member

gsmet commented Apr 18, 2024

I would say +1 but CI looks unhappy?

@marko-bekhta marko-bekhta force-pushed the dependabot-update branch 4 times, most recently from f4f02a4 to e232f02 Compare April 19, 2024 08:39
@yrodiere
Copy link
Member

DEBUG: figure out why TCK test failing on CI only

Aw shoot, I'm missing all the fun 😁

@marko-bekhta
Copy link
Member Author

DEBUG: figure out why TCK test failing on CI only

Aw shoot, I'm missing all the fun 😁

🙈 😄 mmmmmmmm ooooook... so the problem is caused by:

file:/var/lib/jenkins/workspace/hibernate-validator_PR-1347%40tmp/maven-repository/org/assertj/assertj-core/3.8.0/assertj-core-3.8.0.jar
file.exists() = false
file.isFile() = false
file.listFiles() = null

Which, if we don't upgrade the surefire plugin, is:

file:/var/lib/jenkins/workspace/hibernate-validator_PR-1347@tmp/maven-repository/org/assertj/assertj-core/3.8.0/assertj-core-3.8.0.jar
file.exists() = true
file.isFile() = true
file.listFiles() = null

For some reason with the plugin upgrade @ gets encoded in the path, and I'm not sure how that's connected since the URL comes from:

Assert.class.getProtectionDomain().getCodeSource().getLocation()

which isn't surefire related 🤔😕

and that's happening inside of the TCK classes .... it's fixable, but I guess we aren't getting a new version of TCK to make this work 🤔

@marko-bekhta marko-bekhta mentioned this pull request Apr 19, 2024
Closed
@yrodiere
Copy link
Member

For some reason with the plugin upgrade @ gets encoded in the path

I remember similar problems from when we worked on running Jandex indexing on startup in Hibernate Search... I don't remember what I changed to fix it, but here's the test that checked it worked, and I suppose the fix is somewhere in the same commit: hibernate/hibernate-search@2773f90#diff-fa81f1bd295eb29f597f67849a355691e3672277da2aa60d41156433b3935971R257-R258

Does that help in any way?

@marko-bekhta
Copy link
Member Author

Thanks 😃
I've opened jakartaee/validation-tck#198, since the access to the code source happens inside the TCK classes, calling .toURI() helps, at least in the tests I've run locally. But since it's all TCK code, I guess it's one of:

  • we get a new TCK
  • we don't upgrade the surefire plugin (that, for some reason, causes the issue)
  • we do something to Jenkins jobs that they do not include any chars that get encoded in the file paths

@yrodiere
Copy link
Member

I've opened jakartaee/validation-tck#198, since the access to the code source happens inside the TCK classes, calling .toURI() helps

Thanks. @gsmet could you add your +1 to that PR, since I guess your opinion has great weight over there? I imagine Scott is quite busy right now, so your advice could help expedite things.

we get a new TCK

Probably a good idea if we merge this in HV 9.0 with Jakarta 11 support.

we do something to Jenkins jobs that they do not include any chars that get encoded in the file paths

That's going to be challenging, as the part of the path that causes the problem is somewhat standard (it's a temp dir that's available to each job) and not configurable AFAICS.

we don't upgrade the surefire plugin (that, for some reason, causes the issue)

Or... we upgrade, but find some config option that reverts to the old behavior. Not sure if this is possible though.

@marko-bekhta marko-bekhta force-pushed the dependabot-update branch 2 times, most recently from f7eb028 to 80b6b16 Compare May 1, 2024 09:46
@marko-bekhta marko-bekhta force-pushed the dependabot-update branch 3 times, most recently from 9d82106 to 47341f8 Compare May 21, 2024 07:35
@marko-bekhta marko-bekhta force-pushed the dependabot-update branch 2 times, most recently from 47fba0c to 14e9b99 Compare June 11, 2024 09:21
@marko-bekhta marko-bekhta force-pushed the dependabot-update branch 5 times, most recently from e837c10 to 2689c5e Compare June 12, 2024 14:23
@marko-bekhta marko-bekhta marked this pull request as ready for review June 12, 2024 14:45
@marko-bekhta
Copy link
Member Author

https://ci.hibernate.org/blue/organizations/jenkins/hibernate-validator/detail/PR-1346/25/pipeline

The build is passing now ^. But with all the changes, this branch essentially became 9.0

@yrodiere
Copy link
Member

https://ci.hibernate.org/blue/organizations/jenkins/hibernate-validator/detail/PR-1346/25/pipeline

The build is passing now ^. But with all the changes, this branch essentially became 9.0

Okay then, I guess we should branch out 8.0 and make main the 9.0.

Can you please take care of that?

What do we need to merge to 8.0 and possibly earlier branches? From what I can see these are the only potential candidates:

@marko-bekhta
Copy link
Member Author

We have 6.2 and 8.0, so I'm thinking that since 6.2 is javax, we probably can just add the gpg patch to it.
As for the sigtest plugin it only affected the branch with the bumped JDK, so we can leave it for 9.0.

marko-bekhta and others added 24 commits June 12, 2024 19:08
@marko-bekhta
Update main version to 9.0
3c225c3
@marko-bekhta
HV-1977 Update dependabot config
66c36df
@marko-bekhta
HV-1974 Replace relocation Groovy artifact
baac0fe
@dependabot @marko-bekhta
Bump the build-dependencies group across 1 directory with 63 updates
42d15df 
---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.logging.log4j:log4j-slf4j-impl
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.slf4j:jcl-over-slf4j
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.slf4j:slf4j-jdk14
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.logging.log4j:log4j-slf4j-impl
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: junit:junit
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.testng:testng
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.easymock:easymock
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: io.rest-assured:rest-assured
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.jboss.arquillian:arquillian-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.jboss.weld:weld-core-impl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.wildfly.arquillian:wildfly-arquillian-container-managed
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.jboss.arquillian.container:arquillian-weld-embedded
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  dependency-group: build-dependencies
- dependency-name: org.springframework:spring-expression
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.slf4j:jcl-over-slf4j
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.slf4j:slf4j-jdk14
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.ow2.asm:asm
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.asciidoctor:asciidoctorj
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.asciidoctor:asciidoctorj-pdf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.woodstox:woodstox-core
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.wildfly.core:wildfly-patching
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.wildfly.core:wildfly-cli
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.wildfly.core:wildfly-cli
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.mycila:license-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-antrun-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-clean-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-jar-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: de.thetaphi:forbiddenapis
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-surefire-report-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-surefire-report-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-install-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-assembly-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-release-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.asciidoctor:asciidoctor-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: ch.mfrey.maven.plugin:copy-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.felix:maven-bundle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-source-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-deploy-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-gpg-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-resources-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.codehaus.gmavenplus:gmavenplus-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.apache.servicemix.tooling:depends-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.codehaus.mojo:build-helper-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.jboss.as:patch-gen-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.wildfly.plugins:wildfly-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.netbeans.tools:sigtest-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.sonatype.plugins:nexus-staging-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.buschmais.jqassistant:jqassistant-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.openjdk.jmh:jmh-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.openjdk.jmh:jmh-generator-annprocess
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.openjdk.jmh:jmh-generator-annprocess
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.slf4j:slf4j-log4j12
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.jboss.modules:jboss-modules
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump the build-dependencies group with 5 updates

Bumps the build-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [com.google.guava:guava](https://github.com/google/guava) | `33.1.0-jre` | `33.2.0-jre` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.17.0` | `2.17.1` |
| [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.17.0` | `2.17.1` |
| [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) | `0.21.1` | `0.21.2` |
| [com.buschmais.jqassistant:jqassistant-maven-plugin](https://github.com/jqassistant/jqa-maven-plugin) | `2.2.0` | `2.2.1` |

Updates `com.google.guava:guava` from 33.1.0-jre to 33.2.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.17.0 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.17.0 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.github.siom79.japicmp:japicmp-maven-plugin` from 0.21.1 to 0.21.2
- [Release notes](https://github.com/siom79/japicmp/releases)
- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)
- [Commits](siom79/japicmp@japicmp-base-0.21.1...japicmp-base-0.21.2)

Updates `com.buschmais.jqassistant:jqassistant-maven-plugin` from 2.2.0 to 2.2.1
- [Commits](jqassistant-archive/jqa-maven-plugin@REL-2.2.0...REL-2.2.1)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.buschmais.jqassistant:jqassistant-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump the build-dependencies group across 1 directory with 7 updates

Bumps the build-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.14.14` | `1.14.15` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.1.0-jre` | `33.2.0-jre` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.17.0` | `2.17.1` |
| [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.17.0` | `2.17.1` |
| [com.mycila:license-maven-plugin](https://github.com/mathieucarbou/license-maven-plugin) | `4.3` | `4.5` |
| [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) | `0.21.1` | `0.21.2` |
| [com.buschmais.jqassistant:jqassistant-maven-plugin](https://github.com/jqassistant/jqa-maven-plugin) | `2.2.0` | `2.2.1` |

Updates `net.bytebuddy:byte-buddy` from 1.14.14 to 1.14.15
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.14.14...byte-buddy-1.14.15)

Updates `com.google.guava:guava` from 33.1.0-jre to 33.2.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.17.0 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.17.0 to 2.17.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.mycila:license-maven-plugin` from 4.3 to 4.5
- [Commits](mathieucarbou/license-maven-plugin@license-maven-plugin-4.3...license-maven-plugin-4.5)

Updates `com.github.siom79.japicmp:japicmp-maven-plugin` from 0.21.1 to 0.21.2
- [Release notes](https://github.com/siom79/japicmp/releases)
- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)
- [Commits](siom79/japicmp@japicmp-base-0.21.1...japicmp-base-0.21.2)

Updates `com.buschmais.jqassistant:jqassistant-maven-plugin` from 2.2.0 to 2.2.1
- [Commits](jqassistant-archive/jqa-maven-plugin@REL-2.2.0...REL-2.2.1)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.mycila:license-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.buschmais.jqassistant:jqassistant-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump the build-dependencies group across 1 directory with 3 updates

---
updated-dependencies:
- dependency-name: org.springframework:spring-expression
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.asciidoctor:asciidoctorj
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.codehaus.mojo:build-helper-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump the build-dependencies group across 1 directory with 4 updates

Bumps the build-dependencies group with 4 updates in the / directory: [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy), [org.springframework:spring-expression](https://github.com/spring-projects/spring-framework), [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) and org.sonatype.plugins:nexus-staging-maven-plugin.

Updates `net.bytebuddy:byte-buddy` from 1.14.15 to 1.14.16
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.14.15...byte-buddy-1.14.16)

Updates `org.springframework:spring-expression` from 6.1.7 to 6.1.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.1.7...v6.1.8)

Updates `com.puppycrawl.tools:checkstyle` from 10.16.0 to 10.17.0
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](checkstyle/checkstyle@checkstyle-10.16.0...checkstyle-10.17.0)

Updates `org.sonatype.plugins:nexus-staging-maven-plugin` from 1.6.13 to 1.7.0

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.springframework:spring-expression
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.sonatype.plugins:nexus-staging-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump the build-dependencies group across 1 directory with 5 updates

Bumps the build-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.14.16` | `1.14.17` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.2.0-jre` | `33.2.1-jre` |
| [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.4.1` | `3.5.0` |
| [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.6.3` | `3.7.0` |
| [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) | `3.5.3` | `3.6.0` |

Updates `net.bytebuddy:byte-buddy` from 1.14.16 to 1.14.17
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.14.16...byte-buddy-1.14.17)

Updates `com.google.guava:guava` from 33.2.0-jre to 33.2.1-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.apache.maven.plugins:maven-enforcer-plugin` from 3.4.1 to 3.5.0
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-3.4.1...enforcer-3.5.0)

Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.6.3 to 3.7.0
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.6.3...maven-javadoc-plugin-3.7.0)

Updates `org.apache.maven.plugins:maven-shade-plugin` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/apache/maven-shade-plugin/releases)
- [Commits](apache/maven-shade-plugin@maven-shade-plugin-3.5.3...maven-shade-plugin-3.6.0)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump the build-dependencies group with 3 updates

Bumps the build-dependencies group with 3 updates: [org.easymock:easymock](https://github.com/easymock/easymock), [org.asciidoctor:asciidoctorj-pdf](https://github.com/asciidoctor/asciidoctorj-pdf) and [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin).

Updates `org.easymock:easymock` from 5.2.0 to 5.3.0
- [Release notes](https://github.com/easymock/easymock/releases)
- [Changelog](https://github.com/easymock/easymock/blob/master/ReleaseNotes.md)
- [Commits](easymock/easymock@easymock-5.2.0...easymock-5.3.0)

Updates `org.asciidoctor:asciidoctorj-pdf` from 2.3.15 to 2.3.17
- [Release notes](https://github.com/asciidoctor/asciidoctorj-pdf/releases)
- [Changelog](https://github.com/asciidoctor/asciidoctorj-pdf/blob/main/CHANGELOG.adoc)
- [Commits](asciidoctor/asciidoctorj-pdf@v2.3.15...v2.3.17)

Updates `org.apache.maven.plugins:maven-checkstyle-plugin` from 3.3.1 to 3.4.0
- [Commits](apache/maven-checkstyle-plugin@maven-checkstyle-plugin-3.3.1...maven-checkstyle-plugin-3.4.0)

---
updated-dependencies:
- dependency-name: org.easymock:easymock
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.asciidoctor:asciidoctorj-pdf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump org.glassfish:javax.el from 3.0.1-b11 to 3.0.1-b12

Bumps [org.glassfish:javax.el](https://github.com/javaee/uel-ri) from 3.0.1-b11 to 3.0.1-b12.
- [Commits](javaee/uel-ri@javax.el-3.0.1-b11...javax.el-3.0.1-b12)

---
updated-dependencies:
- dependency-name: org.glassfish:javax.el
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@marko-bekhta
HV-1974 Make use of a simple test appender
b5b5ff9 
- instead of relying on a one from the test-jar that is not there anymore with the newer versions of log4j
@marko-bekhta
HV-1974 Address checkstyle issues
6079a65
@marko-bekhta
HV-1974 Update Test policy for a Security Manager
1482f5f
@marko-bekhta
HV-1974 Use a version of Wildfly core that does not fail applying the…
f9874e5 
… patch
@marko-bekhta
HV-1974 Update asciidoctor configuration and theme
c1ef35b
@marko-bekhta
HV-1974 Don't use filtering on theme-copy
98c5d91 
as it leads to build errors
@marko-bekhta
HV-1974 Update javadoc build parameters
9ac8cc8
@dependabot @marko-bekhta
HV-1985 Bump joda-time:joda-time from 2.9.7 to 2.12.7
23ef358 
Bumps [joda-time:joda-time](https://github.com/JodaOrg/joda-time) from 2.9.7 to 2.12.7.
- [Release notes](https://github.com/JodaOrg/joda-time/releases)
- [Changelog](https://github.com/JodaOrg/joda-time/blob/main/RELEASE-NOTES.txt)
- [Commits](JodaOrg/joda-time@v2.9.7...v2.12.7)

---
updated-dependencies:
- dependency-name: joda-time:joda-time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @marko-bekhta
HV-1981 Bump org.jboss.logging:jboss-logging from 3.4.3.Final to 3.5.…
405b8a2 
…3.Final

Bumps [org.jboss.logging:jboss-logging](https://github.com/jboss-logging/jboss-logging) from 3.4.3.Final to 3.5.3.Final.
- [Release notes](https://github.com/jboss-logging/jboss-logging/releases)
- [Commits](jboss-logging/jboss-logging@3.4.3.Final...3.5.3.Final)

---
updated-dependencies:
- dependency-name: org.jboss.logging:jboss-logging
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @marko-bekhta
HV-1983 Bump com.fasterxml:classmate from 1.5.1 to 1.7.0
0d01f59 
Bumps [com.fasterxml:classmate](https://github.com/FasterXML/java-classmate) from 1.5.1 to 1.7.0.
- [Commits](FasterXML/java-classmate@classmate-1.5.1...classmate-1.7.0)

---
updated-dependencies:
- dependency-name: com.fasterxml:classmate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @marko-bekhta
HV-1982 Bump javax.money:money-api from 1.0.1 to 1.1
3d37184 
Bumps [javax.money:money-api](https://github.com/JavaMoney/jsr354-api) from 1.0.1 to 1.1.
- [Release notes](https://github.com/JavaMoney/jsr354-api/releases)
- [Commits](JavaMoney/jsr354-api@1.0.1...1.1)

---
updated-dependencies:
- dependency-name: javax.money:money-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@marko-bekhta
HV-1974 Update maven plugins configurations
ab766c6
@marko-bekhta
HV-1974 Upgrade to forbiddenapis 3.7
d986145
@marko-bekhta
HV-1974 Update JQAssistant configurations
6c533fa
@marko-bekhta
HV-1974 Move reduced pom from shade plugin to target directory
7b39cb4
@dependabot @marko-bekhta
HV-1979 Bump jakarta.validation:jakarta.validation-api from 3.0.2 to …
c18d3fe 
…3.1.0

Bumps [jakarta.validation:jakarta.validation-api](https://github.com/jakartaee/validation) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/jakartaee/validation/releases)
- [Commits](jakartaee/validation@3.0.2...3.1.0)

---
updated-dependencies:
- dependency-name: jakarta.validation:jakarta.validation-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@marko-bekhta
HV-1974 Add Jakarta OSS Staging Repository
74e7fa7 
for Jakarta artifacts that are not on central
@marko-bekhta
HV-1974 Use a 3.1.1 version of Validation TCK
c8db3ce
@marko-bekhta
HV-1991 Upgrade to JDK 17 as the baseline and drop JDK 11 compatibility
803ea3f
@marko-bekhta
HV-1992 Switch to a different sigtest-maven-plugin
f90d99c
@marko-bekhta
Copy link
Member Author

Can you please take care of that?

OK 😃

  • I've applied patches to 6.2 and main
  • created 8.0 (including the patches)
  • added one more commit to this branch (the first one) to bump the version to 9.0

This was referenced Jun 13, 2024
Closed
Closed
@yrodiere yrodiere merged commit 1558748 into hibernate:main Jun 13, 2024
2 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marko-bekhta @gsmet @yrodiere