Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pull upstream #3

Merged
merged 45 commits into from
Jun 21, 2023
Merged

Pull upstream #3

merged 45 commits into from
Jun 21, 2023

Conversation

willdollman
Copy link

Pull changes from upstream repo to fix vulns

Test plan

  • Vulnerability scanning using grype
  • Basic functionality testing of application
  • CI tests

gaul and others added 30 commits December 23, 2022 15:03
@gaul
Upgrade spotbugs to 4.7.3
68237a1 
Release notes:

https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md#473---2022-10-15
@dependabot @gaul
Bump maven-jar-plugin from 3.2.2 to 3.3.0
ddd3268 
Bumps [maven-jar-plugin](https://github.com/apache/maven-jar-plugin) from 3.2.2 to 3.3.0.
- [Release notes](https://github.com/apache/maven-jar-plugin/releases)
- [Commits](apache/maven-jar-plugin@maven-jar-plugin-3.2.2...maven-jar-plugin-3.3.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-jar-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-resources-plugin from 3.2.0 to 3.3.0
9408f53 
Bumps [maven-resources-plugin](https://github.com/apache/maven-resources-plugin) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/apache/maven-resources-plugin/releases)
- [Commits](apache/maven-resources-plugin@maven-resources-plugin-3.2.0...maven-resources-plugin-3.3.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-resources-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-assembly-plugin from 3.4.1 to 3.4.2
92c6171 
Bumps [maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 3.4.1 to 3.4.2.
- [Release notes](https://github.com/apache/maven-assembly-plugin/releases)
- [Commits](apache/maven-assembly-plugin@maven-assembly-plugin-3.4.1...maven-assembly-plugin-3.4.2)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-assembly-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@gaul
Suppress spurious md5 deprecation warnings
81e8854
@gaul
Remove unneeded AliasBlobStore directory methods
b72a6fe 
These are not needed and generate deprecation warnings.
@gaul
Upgrade to error-prone 2.16
302e205 
Release notes:

https://github.com/google/error-prone/releases/tag/v2.16
@dependabot @gaul
Bump jetty-servlet from 11.0.11 to 11.0.13
9524d03 
Bumps [jetty-servlet](https://github.com/eclipse/jetty.project) from 11.0.11 to 11.0.13.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-11.0.11...jetty-11.0.13)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-shade-plugin from 3.3.0 to 3.4.1
69eadc5 
Bumps [maven-shade-plugin](https://github.com/apache/maven-shade-plugin) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/apache/maven-shade-plugin/releases)
- [Commits](apache/maven-shade-plugin@maven-shade-plugin-3.3.0...maven-shade-plugin-3.4.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-shade-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-checkstyle-plugin from 3.1.2 to 3.2.0
56a6311 
Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.1.2 to 3.2.0.
- [Release notes](https://github.com/apache/maven-checkstyle-plugin/releases)
- [Commits](apache/maven-checkstyle-plugin@maven-checkstyle-plugin-3.1.2...maven-checkstyle-plugin-3.2.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump slf4j.version from 1.7.36 to 2.0.6
d94c0d8 
Bumps `slf4j.version` from 1.7.36 to 2.0.6.

Updates `slf4j-api` from 1.7.36 to 2.0.6
- [Release notes](https://github.com/qos-ch/slf4j/releases)
- [Commits](qos-ch/slf4j@v_1.7.36...v_2.0.6)

Updates `jcl-over-slf4j` from 1.7.36 to 2.0.6
- [Release notes](https://github.com/qos-ch/slf4j/releases)
- [Commits](qos-ch/slf4j@v_1.7.36...v_2.0.6)

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.slf4j:jcl-over-slf4j
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump logback-classic from 1.2.11 to 1.4.5
47605c9 
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.2.11 to 1.4.5.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.2.11...v_1.4.5)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-javadoc-plugin from 3.4.0 to 3.4.1
ad6a994 
Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.4.0...maven-javadoc-plugin-3.4.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-install-plugin from 3.0.1 to 3.1.0
55f7794 
Bumps [maven-install-plugin](https://github.com/apache/maven-install-plugin) from 3.0.1 to 3.1.0.
- [Release notes](https://github.com/apache/maven-install-plugin/releases)
- [Commits](apache/maven-install-plugin@maven-install-plugin-3.0.1...maven-install-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-install-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@gaul
Configure Dependabot for monthly notifications
65725c4
@gaul
Upgrade to jclouds 2.6.0-SNAPSHOT
222f479 
Shuffle some test teardown methods to satisfy newer testng.
References gaul#473.
@dependabot @gaul
Bump assertj-core from 3.23.1 to 3.24.2
7ca3b80 
Bumps assertj-core from 3.23.1 to 3.24.2.

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-checkstyle-plugin from 3.2.0 to 3.2.1
78f0f67 
Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/apache/maven-checkstyle-plugin/releases)
- [Commits](apache/maven-checkstyle-plugin@maven-checkstyle-plugin-3.2.0...maven-checkstyle-plugin-3.2.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-enforcer-plugin from 3.1.0 to 3.2.1
59094ba 
Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-3.1.0...enforcer-3.2.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump commons-fileupload from 1.4 to 1.5
7624ffa 
Bumps commons-fileupload from 1.4 to 1.5.

---
updated-dependencies:
- dependency-name: commons-fileupload:commons-fileupload
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-deploy-plugin from 3.0.0 to 3.1.0
86c384f 
Bumps [maven-deploy-plugin](https://github.com/apache/maven-deploy-plugin) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/apache/maven-deploy-plugin/releases)
- [Commits](apache/maven-deploy-plugin@maven-deploy-plugin-3.0.0...maven-deploy-plugin-3.1.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-deploy-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump surefire.version from 3.0.0-M8 to 3.0.0-M9
df71002 
Bumps `surefire.version` from 3.0.0-M8 to 3.0.0-M9.

Updates `surefire-junit47` from 3.0.0-M8 to 3.0.0-M9

Updates `surefire-testng` from 3.0.0-M8 to 3.0.0-M9

Updates `surefire-junit-platform` from 3.0.0-M8 to 3.0.0-M9

Updates `maven-surefire-plugin` from 3.0.0-M8 to 3.0.0-M9
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.0.0-M8...surefire-3.0.0-M9)

---
updated-dependencies:
- dependency-name: org.apache.maven.surefire:surefire-junit47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.surefire:surefire-testng
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.surefire:surefire-junit-platform
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-compiler-plugin from 3.10.1 to 3.11.0
5bc031d 
Bumps [maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.10.1 to 3.11.0.
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.10.1...maven-compiler-plugin-3.11.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-assembly-plugin from 3.4.2 to 3.5.0
5a1fe3b 
Bumps [maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 3.4.2 to 3.5.0.
- [Release notes](https://github.com/apache/maven-assembly-plugin/releases)
- [Commits](apache/maven-assembly-plugin@maven-assembly-plugin-3.4.2...maven-assembly-plugin-3.5.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-assembly-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump jetty-servlet from 11.0.13 to 11.0.14
e3857ba 
Bumps [jetty-servlet](https://github.com/eclipse/jetty.project) from 11.0.13 to 11.0.14.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-11.0.13...jetty-11.0.14)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@srujandeshpande @gaul
Add S3PROXY_JAVA_OPTS environment variable
2f941aa
@dependabot @gaul
Bump logback-classic from 1.4.5 to 1.4.6
cdbbd44 
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.4.5...v_1.4.6)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-install-plugin from 3.1.0 to 3.1.1
655cac6 
Bumps [maven-install-plugin](https://github.com/apache/maven-install-plugin) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/apache/maven-install-plugin/releases)
- [Commits](apache/maven-install-plugin@maven-install-plugin-3.1.0...maven-install-plugin-3.1.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-install-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump maven-javadoc-plugin from 3.4.1 to 3.5.0
3cb90b2 
Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.4.1...maven-javadoc-plugin-3.5.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump surefire.version from 3.0.0-M9 to 3.0.0
2d36d09 
Bumps `surefire.version` from 3.0.0-M9 to 3.0.0.

Updates `surefire-junit47` from 3.0.0-M9 to 3.0.0

Updates `surefire-testng` from 3.0.0-M9 to 3.0.0

Updates `surefire-junit-platform` from 3.0.0-M9 to 3.0.0

Updates `maven-surefire-plugin` from 3.0.0-M9 to 3.0.0
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.0.0-M9...surefire-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.surefire:surefire-junit47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.surefire:surefire-testng
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.surefire:surefire-junit-platform
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot bot and others added 15 commits April 2, 2023 09:00
@dependabot @gaul
Bump slf4j.version from 2.0.6 to 2.0.7
af05534 
Bumps `slf4j.version` from 2.0.6 to 2.0.7.

Updates `slf4j-api` from 2.0.6 to 2.0.7
- [Release notes](https://github.com/qos-ch/slf4j/releases)
- [Commits](qos-ch/slf4j@v_2.0.6...v_2.0.7)

Updates `jcl-over-slf4j` from 2.0.6 to 2.0.7
- [Release notes](https://github.com/qos-ch/slf4j/releases)
- [Commits](qos-ch/slf4j@v_2.0.6...v_2.0.7)

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.slf4j:jcl-over-slf4j
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@kinoute @gaul
Configure Keystore through environment variables
52d942d
@kinoute @gaul
Fix variable typo
b8d285d
@kinoute @gaul
Configure Secure Endpoint with environment variable
bc607d6
@kinoute @gaul
Set default non chunked request size value
d42e42c
@kinoute @gaul
Expose 443 port for TLS/secure endpoint feature
ef94f39
@kinoute @gaul
Improve TLS Support documentation
755456e
@kinoute @gaul
Align SSL/TLS terminology
f84bec3
@gaul
Update s3-tests submodule
886eb53 
References gaul#479.
@dependabot @gaul
Bump jetty-servlet from 11.0.14 to 11.0.15
6f7613d 
Bumps [jetty-servlet](https://github.com/eclipse/jetty.project) from 11.0.14 to 11.0.15.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-11.0.14...jetty-11.0.15)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @gaul
Bump logback-classic from 1.4.6 to 1.4.7
26603a5 
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.4.6 to 1.4.7.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.4.6...v_1.4.7)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@gaul
Update s3-tests
5996114 
Fixes gaul#479.
@gaul
Add and ignore x-amz-api-version
99c1486 
Fixes gaul#497.
@timuralp @gaul
Cleanup the build workflow
e7dc97a
@willdollman
Merge remote-tracking branch 'upstream/master'
1afa8cc
@willdollman willdollman merged commit 36c5d36 into master Jun 21, 2023
@willdollman willdollman deleted the will/pull-upstream branch June 21, 2023 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@willdollman @gaul @srujandeshpande @kinoute @timuralp