Skip to content

Bump the minor-and-patch group with 3 updates#146

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/minor-and-patch-0f85465160
Open

Bump the minor-and-patch group with 3 updates#146
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/minor-and-patch-0f85465160

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 3 updates: io.undertow:undertow-core, com.fasterxml.jackson.dataformat:jackson-dataformat-cbor and com.nimbusds:nimbus-jose-jwt.

Updates io.undertow:undertow-core from 2.3.24.Final to 2.4.2.Final

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.4.1.Final

Release 2.4.1.Final Full list of Jiras: view in Jira

    # Release notes - Undertow - 2.4.1.Final

Bug

UNDERTOW-2763 As per RFC9112 reason-phrase is optional in HTTP 1.1 responses

Enhancement

UNDERTOW-2759 Enable testing in JDK25

UNDERTOW-2767 [2.4.x] UndertowMessages at core uses the wrong message id for fixes in new parser

v.2.4.0.Final

Release 2.4.0.Final Fixes CVE-2026-28367 CVE-2026-28368 CVE-2026-28369 Full list of Jiras: view in Jira

Release notes - Undertow - 2.4.0.Final

Feature Request

UNDERTOW-1593 Track processing time of in flight requests

UNDERTOW-1748 provide a way to "comment" a line in predicate language

UNDERTOW-1870 Hard-coded timeout for asynchronous HTTP requests - add async context timeout undertow option

UNDERTOW-1880 Undertow should support HTTP/2 connection management, wrt GOAWAY frame

UNDERTOW-1881 Add a new exchange attribute for SSL/TLS protocol version

UNDERTOW-2010 Provide method to invalidate all paths in CachingResourceManager

UNDERTOW-2242 Add UndertowOptions.ALLOW_ID_LESS_MATRIX_PARAMETERS

UNDERTOW-2273 Exchange Attribute parser doesn't handle nested attributes

UNDERTOW-2301 HTTP/2 cannot be configured on a per-listener basis

UNDERTOW-2319 Move io.undertow.multipart.minsize property to UndertowOptions

UNDERTOW-2553 Add rewriteHostHeader to ModCluster

UNDERTOW-2580 Support SameSite and custom cookie attributes

UNDERTOW-2696 Allow PathHandler to check for registered prefixes

... (truncated)

Commits
  • 92850b2 Prepare 2.4.2.Final
  • 8643d98 Merge pull request #1976 from ropalka/2026-06-23-backports-2.4.x
  • 5700856 [UNDERTOW-2709] UndertowOptions.ALLOWED_REQUEST_ATTRIBUTES_PATTERN is ignored...
  • f5f85e7 [UNDERTOW-2771] Revisited delimiters and unescaped characters
  • 7afc4df [UNDERTOW-2771] Decode query and path parameters if and only if parser is con...
  • 464418e [UNDERTOW-1918] ComplexSSLTestCase fails sporadically with ConnectionClosedEx...
  • 88734e1 Merge pull request #1973 from fl4via/backport-fixes_2.4.x
  • 665ff7f [UNDERTOW-2761] return 413 status instead of 500 in case of RequestTooBigExce...
  • e1daa7f [UNDERTOW-2759] Excluding new concurrency rules - they need further investiga...
  • 41c665f [UNDERTOW-2759] Excluding false positive - it is safe to have unread field no...
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 2.21.3 to 2.22.0

Commits
  • 2071f42 [maven-release-plugin] prepare release jackson-dataformats-binary-2.22.0
  • 9720418 Prep for 2.22.0 release
  • 208c9d4 Merge branch '2.21' into 2.x
  • c330c1b Post-release dep version bump
  • 91416bd [maven-release-plugin] prepare for next development iteration
  • 644b624 [maven-release-plugin] prepare release jackson-dataformats-binary-2.21.4
  • b81c13a Prep for 2.21.4 release
  • c063e32 Merge branch '2.20' into 2.21
  • 0ec6014 Merge branch '2.19' into 2.20
  • 24e8802 Merge branch '2.18' into 2.19
  • Additional commits viewable in compare view

Updates com.nimbusds:nimbus-jose-jwt from 10.9 to 10.9.1

Commits
  • 94f4387 [maven-release-plugin] prepare for next development iteration
  • 5370446 Back-ports fix for iss #619
  • 62d00fc [maven-release-plugin] prepare release 10.9.1
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 3 updates: [io.undertow:undertow-core](https://github.com/undertow-io/undertow), [com.fasterxml.jackson.dataformat:jackson-dataformat-cbor](https://github.com/FasterXML/jackson-dataformats-binary) and [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt).


Updates `io.undertow:undertow-core` from 2.3.24.Final to 2.4.2.Final
- [Release notes](https://github.com/undertow-io/undertow/releases)
- [Commits](undertow-io/undertow@2.3.24.Final...2.4.2.Final)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-cbor` from 2.21.3 to 2.22.0
- [Commits](FasterXML/jackson-dataformats-binary@jackson-dataformats-binary-2.21.3...jackson-dataformats-binary-2.22.0)

Updates `com.nimbusds:nimbus-jose-jwt` from 10.9 to 10.9.1
- [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/10.9.1..10.9)

---
updated-dependencies:
- dependency-name: io.undertow:undertow-core
  dependency-version: 2.4.2.Final
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
  dependency-version: 2.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.nimbusds:nimbus-jose-jwt
  dependency-version: 10.9.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jul 1, 2026
@sonarqubecloud

sonarqubecloud Bot commented Jul 1, 2026

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants