Skip to content

chore: bump the all group across 1 directory with 7 updates #1557

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore: bump the all group across 1 directory with 7 updates #1557

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 17, 2025
edited
Loading

Bumps the all group with 7 updates in the /examples/msal-java directory:

Package From To
com.azure:azure-security-keyvault-secrets 4.7.3 4.9.2
com.azure:azure-identity 1.12.2 1.15.2
com.azure:azure-core 1.45.1 1.55.1
com.microsoft.azure:msal4j 1.14.2 1.19.0
org.slf4j:slf4j-simple 2.0.10 2.0.16
org.apache.maven.plugins:maven-shade-plugin 3.5.1 3.6.0
org.apache.maven.plugins:maven-dependency-plugin 3.6.1 3.8.1

Updates com.azure:azure-security-keyvault-secrets from 4.7.3 to 4.9.2

Commits
  • 30a9bc8 Merge branch 'main' into release/keyvault/january/2025
  • 3d12c1c Sync eng/common directory with azure-sdk-tools for PR 9656 (#43885)
  • 3c867f6 Sync eng/common directory with azure-sdk-tools for PR 9668 (#43879)
  • 06062f3 Eg fix customization (#43860)
  • 400520f Increment package versions for computeschedule releases (#43872)
  • 602ba50 [Automation] Generate Fluent Lite from TypeSpec computeschedule (#43866)
  • 1339c69 [Automation] Generate Fluent Lite from Swagger quota#package-2024-12-18-previ...
  • 5bc93af Change HttpLogOptions to be HttpInstrumentationOptions, update docs (#43780)
  • c939638 Increment package versions for eventhubs releases (#43864)
  • 07d2801 handle only deleted files in a <language> - pullrequest build (#43835)
  • Additional commits viewable in compare view

Updates com.azure:azure-identity from 1.12.2 to 1.15.2

Release notes

Sourced from com.azure:azure-identity's releases.

azure-identity_1.15.2

1.15.2 (2025-02-13)

Other Changes

  • Upgraded azure-core from 1.55.0 to version 1.55.1.
  • Upgraded azure-core-http-netty from 1.15.8 to version 1.15.9.

azure-identity_1.15.1

1.15.1 (2025-02-07)

Bugs Fixed

  • Fixed an issue preventing scopes with underscores from working properly. #44040

Other Changes

  • Upgraded azure-core from 1.54.1 to version 1.55.0.
  • Upgraded azure-core-http-netty from 1.15.7 to version 1.15.8.
  • Upgraded msal4j from 1.17.1 to version 1.19.0.

azure-core-http-okhttp_1.12.8

1.12.8 (2025-02-12)

Other Changes

Dependency Updates

  • Upgraded azure-core from 1.55.0 to 1.55.1.
Commits

Updates com.azure:azure-core from 1.45.1 to 1.55.1

Release notes

Sourced from com.azure:azure-core's releases.

azure-core_1.55.1

1.55.1 (2025-02-12)

Other Changes

Dependency Updates

  • Upgraded Netty dependencies from 4.1.115.Final to 4.1.118.Final to resolve a CVE.
  • Upgraded Netty TcNative dependencies from 2.0.69.Final to 2.0.70.Final to resolve a CVE.
Commits
  • b2a8aec Prepare hotfix for azure-core-http-netty (#44169)
  • 04b426f Prepare Core libraries for February 2025 release (#44034)
  • dd1696b STG97 Beta Features (#44043)
  • 3e6d977 Added call connection id for recording and live test and unit test code. (#43...
  • e2c33bf [Automation] Generate Fluent Lite from TypeSpec servicenetworking (#44052)
  • ba9da6e Add rust to prepare-pipelines and create-package-workitem yaml (#44049)
  • d350f18 Increment package versions for pineconevectordb releases (#44053)
  • 2a445a0 mgmt, pinevectordb, prepare beta release (#44048)
  • aa0eb34 Flip supportsSafeSecretStandard boolean condition (#44041)
  • 15ca25c Update pattern for testing scopes (#44040)
  • Additional commits viewable in compare view

Updates com.microsoft.azure:msal4j from 1.14.2 to 1.19.0

Release notes

Sourced from com.microsoft.azure:msal4j's releases.

1.19.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-java@v1.18.0...1.19.0

v1.18.0

What's Changed

New Contributors

v1.17.3

  • Correctly set buffer for expired tokens (#875)
  • Bump commons-io dependency from 2.7 to 2.14.0 (#871)

v1.17.2

  • Make ManagedIdentityApplication.getManagedIdentitySource static (#864)

v1.17.1

  • Fix 'refresh on' value calculation in Managed Identity flows (#858)
  • Bump nimbusds-oauth2-oidc-sdk version (#859)

v1.17.0

  • Add object ID option for Managed Identity (#854)
  • Add support for custom authorities (#851)
  • Fix bug where claims did not cause cache to be skipped (#811)

v1.16.2

  • Use SHA256 thumbprints in non-ADFS cert flows (#840)
  • Reduce logging level of cache miss messages (#844)
  • Make ManagedIdentitySourceType enum public (#845)

v1.16.1

  • Add missing refreshOn metadata (#838)

v1.16.0

v1.15.1

  • Fix to correctly use custom SSLSocketFactory (#821)
  • Add public API to determine the Managed Identity environment (#823)

... (truncated)

Changelog

Sourced from com.microsoft.azure:msal4j's changelog.

Version 1.19.0

  • Fix potential regression caused by certificate hashing changes (#898)
  • Add token refresh reasons AuthenticationResultMetadata (#901)
  • Update build plugins for better compatibility with Java 17+ (#900)
  • Downgrade json-smart dependency to avoid CVE (#905)

Version 1.18.0

  • Fix WWW-Authenticate formatting in MI scenarios (#885)
  • Fix tenant override not being used in OBO and credential flows (#886)
  • Bump jackson-databind dependency (#887)

Version 1.17.3

  • Correctly set buffer for expired tokens (#875)
  • Bump commons-io dependency from 2.7 to 2.14.0 (#871)

Version 1.17.2

  • Make ManagedIdentityApplication.getManagedIdentitySource static (#864)

Version 1.17.1

  • Fix 'refresh on' value calculation in Managed Identity flows (#858)
  • Bump nimbusds-oauth2-oidc-sdk version (#859)

Version 1.17.0

  • Add object ID option for Managed Identity (#854)
  • Add support for custom authorities (#851)
  • Fix bug where claims did not cause cache to be skipped (#811)

Version 1.16.2

  • Use SHA256 thumbprints in non-ADFS cert flows (#840)
  • Reduce logging level of cache miss messages (#844)
  • Make ManagedIdentitySourceType enum public (#845)

Version 1.16.1

  • Add missing refreshOn metadata (#838)

Version 1.16.0

  • Fix breaking API changes introduced in v1.15.0 (#828)
  • Expose refreshOn parameter in AuthenticationResultMetadata (#829)

Version 1.15.1

... (truncated)

Commits
  • d008766 Merge pull request #906 from AzureAD/avdunn/release-1.19.0
  • 8c61f57 Version updates for release 1.19.0
  • 49a93cc Merge pull request #905 from AzureAD/avdunn/dependency-updates
  • ae8dc21 Downgrade due to CVE alert
  • 6f5f5f1 Merge pull request #901 from AzureAD/avdunn/cache-refresh-metadata
  • ffaa5d2 Merge pull request #904 from AzureAD/avdunn/codeql-fixes
  • ede1b34 Add CodeQL suppressions for false positives
  • 2de2b4a Address PR feedback
  • 7d794be Fix unit tests to look for correct telemetry values
  • 175a4eb Merge pull request #898 from AzureAD/avdunn/sha256-fix
  • Additional commits viewable in compare view

Updates org.slf4j:slf4j-simple from 2.0.10 to 2.0.16

Updates org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.6.0

Commits
  • 9a572e2 [maven-release-plugin] prepare release maven-shade-plugin-3.6.0
  • ade2e35 [MSHADE-428] Prevent null value in array of transformers (#229)
  • b573b8c [MSHADE-478] Extra JARs feature (#228)
  • 199ffae Drop the cruft (#225)
  • 912a81d Bump maven-gh-actions-shared to v4
  • 80e4420 [maven-release-plugin] prepare for next development iteration
  • 19618cd [maven-release-plugin] prepare release maven-shade-plugin-3.5.3
  • faf233e [MSHADE-472] upgrade parent POM
  • 7de9ae7 [MSHADE-471] deal with DST
  • 58d8cfe [MSHADE-470] Bump asmVersion from 9.6 to 9.7 (#218)
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.8.1

Release notes

Sourced from org.apache.maven.plugins:maven-dependency-plugin's releases.

3.8.1

What's Changed

... (truncated)

Commits
  • 954e44a [maven-release-plugin] prepare release maven-dependency-plugin-3.8.1
  • 842075d Bump org.apache.maven.reporting:maven-reporting-impl
  • 7e1aadc Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0
  • 188531c Fix SCM tag
  • 361058e Bump jettyVersion from 9.4.55.v20240627 to 9.4.56.v20240826
  • 38ab100 Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1
  • cbac4a7 Bump commons-io:commons-io from 2.16.1 to 2.17.0
  • b19b7e0 [MDEP-930] Make test robust against platform default character sets (#448)
  • e347ef7 Delete obsolete commented code for issue that was won't fixed 10 years ago (#...
  • 7b137a1 [MDEP-946] Add analyze exclusions to list of goals
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the all group across 1 directory with 7 updates
8bfd2a2 
Bumps the all group with 7 updates in the /examples/msal-java directory:

| Package | From | To |
| --- | --- | --- |
| [com.azure:azure-security-keyvault-secrets](https://github.com/Azure/azure-sdk-for-java) | `4.7.3` | `4.9.2` |
| [com.azure:azure-identity](https://github.com/Azure/azure-sdk-for-java) | `1.12.2` | `1.15.2` |
| [com.azure:azure-core](https://github.com/Azure/azure-sdk-for-java) | `1.45.1` | `1.55.1` |
| [com.microsoft.azure:msal4j](https://github.com/AzureAD/microsoft-authentication-library-for-java) | `1.14.2` | `1.19.0` |
| org.slf4j:slf4j-simple | `2.0.10` | `2.0.16` |
| [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) | `3.5.1` | `3.6.0` |
| [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) | `3.6.1` | `3.8.1` |



Updates `com.azure:azure-security-keyvault-secrets` from 4.7.3 to 4.9.2
- [Release notes](https://github.com/Azure/azure-sdk-for-java/releases)
- [Commits](Azure/azure-sdk-for-java@azure-security-keyvault-keys_4.7.3...azure-security-keyvault-keys_4.9.2)

Updates `com.azure:azure-identity` from 1.12.2 to 1.15.2
- [Release notes](https://github.com/Azure/azure-sdk-for-java/releases)
- [Commits](Azure/azure-sdk-for-java@azure-identity_1.12.2...azure-identity_1.15.2)

Updates `com.azure:azure-core` from 1.45.1 to 1.55.1
- [Release notes](https://github.com/Azure/azure-sdk-for-java/releases)
- [Commits](Azure/azure-sdk-for-java@azure-core_1.45.1...azure-core_1.55.1)

Updates `com.microsoft.azure:msal4j` from 1.14.2 to 1.19.0
- [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-java/releases)
- [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/dev/changelog.txt)
- [Commits](AzureAD/microsoft-authentication-library-for-java@v1.14.2...1.19.0)

Updates `org.slf4j:slf4j-simple` from 2.0.10 to 2.0.16

Updates `org.apache.maven.plugins:maven-shade-plugin` from 3.5.1 to 3.6.0
- [Release notes](https://github.com/apache/maven-shade-plugin/releases)
- [Commits](apache/maven-shade-plugin@maven-shade-plugin-3.5.1...maven-shade-plugin-3.6.0)

Updates `org.apache.maven.plugins:maven-dependency-plugin` from 3.6.1 to 3.8.1
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-3.6.1...maven-dependency-plugin-3.8.1)

---
updated-dependencies:
- dependency-name: com.azure:azure-security-keyvault-secrets
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: com.azure:azure-identity
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: com.azure:azure-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: com.microsoft.azure:msal4j
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: org.slf4j:slf4j-simple
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from aramase as a code owner February 17, 2025 19:09
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Feb 17, 2025
@dependabot dependabot bot requested a review from enj as a code owner February 17, 2025 19:09
@dependabot dependabot bot mentioned this pull request Feb 17, 2025
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 24, 2025

Superseded by #1564.

@dependabot dependabot bot closed this Feb 24, 2025
@dependabot dependabot bot deleted the dependabot/maven/examples/msal-java/all-9c0e25d2ec branch February 24, 2025 21:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aramase aramase Awaiting requested review from aramase aramase is a code owner

@enj enj Awaiting requested review from enj enj is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants