Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency Dashboard #173

Open
14 tasks
renovate bot opened this issue Aug 25, 2021 · 4 comments
Open
14 tasks

Dependency Dashboard #173

renovate bot opened this issue Aug 25, 2021 · 4 comments

Comments

@renovate
Copy link
Contributor

renovate bot commented Aug 25, 2021
edited
Loading

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Config Migration Needed

  • Select this checkbox to let Renovate create an automated Config Migration PR.

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

Detected dependencies

github-actions
.github/workflows/ci.yml
  • actions/checkout v4
  • actions/setup-java v4
  • actions/cache v4
  • actions/checkout v4
  • actions/setup-java v4
maven
core/pom.xml
  • org.pac4j.jax-rs:parent 6.0.2-SNAPSHOT
  • jakarta.ws.rs:jakarta.ws.rs-api 3.1.0
  • jakarta.annotation:jakarta.annotation-api 3.0.0
  • jakarta.inject:jakarta.inject-api 2.0.1.MR
  • jakarta.servlet:jakarta.servlet-api 5.0.0
  • org.hamcrest:hamcrest-core 3.0
jersey3/pom.xml
  • org.pac4j.jax-rs:parent 6.0.2-SNAPSHOT
  • org.glassfish.jersey:jersey-bom 3.1.10
  • jakarta.xml.bind:jakarta.xml.bind-api 3.0.1
  • jakarta.activation:jakarta.activation-api 2.1.3
  • org.javassist:javassist 3.30.2-GA
  • org.glassfish.grizzly:grizzly-http-server 2.4.4
pom.xml
  • org.sonatype.oss:oss-parent 9
  • org.pac4j:pac4j-core 5.7.7
  • org.slf4j:slf4j-api 2.0.16
  • log4j:log4j 1.2.17
  • junit:junit 4.13.2
  • org.mockito:mockito-core 5.15.2
  • com.google.code.findbugs:findbugs-annotations 3.0.1
  • org.apache.maven.plugins:maven-compiler-plugin 3.13.0
  • org.apache.maven.plugins:maven-source-plugin 3.3.1
  • org.apache.maven.plugins:maven-javadoc-plugin 3.11.2
  • com.github.spotbugs:spotbugs-maven-plugin 4.9.1.0
  • org.apache.maven.plugins:maven-pmd-plugin 3.26.0
  • org.apache.maven.plugins:maven-enforcer-plugin 3.5.0
  • org.apache.maven.plugins:maven-gpg-plugin 3.2.7
  • org.pac4j:pac4j-http 5.7.7
  • org.slf4j:slf4j-simple 2.0.16
  • org.slf4j:jul-to-slf4j 2.0.16
resteasy6/pom.xml
  • org.pac4j.jax-rs:parent 6.0.2-SNAPSHOT
  • org.jboss.resteasy:resteasy-bom 6.0.3.Final
  • org.jboss.weld.servlet:weld-servlet-parent 4.0.3.Final
  • commons-codec:commons-codec 1.18.0
  • jakarta.servlet:jakarta.servlet-api 5.0.0
  • jakarta.enterprise:jakarta.enterprise.cdi-api 3.0.0
  • jakarta.inject:jakarta.inject-api 2.0.1.MR
  • org.jboss.logging:jboss-logging 3.6.1.Final
  • org.wildfly.common:wildfly-common 1.7.0.Final
  • io.undertow:undertow-servlet-jakarta 2.2.20.Final
  • io.undertow:undertow-core 2.2.20.Final
  • org.glassfish.jersey.core:jersey-client 3.0.10
  • org.glassfish.jersey.inject:jersey-cdi2-se 3.0.10
testing/pom.xml
  • org.pac4j.jax-rs:parent 6.0.2-SNAPSHOT
  • jakarta.ws.rs:jakarta.ws.rs-api 3.1.0
  • org.assertj:assertj-core 3.27.3
  • org.javassist:javassist 3.30.2-GA
  • org.awaitility:awaitility 4.2.2
  • org.objenesis:objenesis 3.4
  • Check this box to trigger a request for Renovate to run again on this repository
@leleuj leleuj closed this as completed Mar 7, 2022
@renovate renovate bot reopened this Mar 7, 2022
@jeanbritz
Copy link

Hi! Is there any plan to update these dependencies? Especially org.pac4j:pac4j-core dependency? The core dependency still compiles with version 5.7.3, which has a bunch of CVE's associated with.

And it makes it difficult to use other pac4j packages with my project like org.pac4j:pac4j-jwt which is using the version 6.0.1 of org.pac4j:pac4j-core for the core code.

@leleuj
Copy link
Member

leleuj commented Feb 17, 2025
edited
Loading

Nothing is planned yet, but any contribution will be welcomed.

@jeanbritz
Copy link

@leleuj Thanks for the reply.

Are there any contribution guidelines I should follow in the event I want to contribute?

@leleuj
Copy link
Member

leleuj commented Feb 17, 2025

Sure. There is: https://www.pac4j.org/docs/how-to-implement-pac4j-for-a-new-framework.html

But I think it might be much easier to look at an already performed upgrade for a main pac4j implementation. See this commit for example: pac4j/jee-pac4j@a63b3d7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@leleuj @jeanbritz