Bump the maven group across 13 directories with 8 updates by dependabot[bot] · Pull Request #40 · khulnasoft/BenchWeb

dependabot · 2025-10-22T19:42:17Z

Bumps the maven group with 1 update in the /frameworks/Prolog/tuProlog directory: io.vertx:vertx-web.
Bumps the maven group with 1 update in the /frameworks/Java/netty directory: io.netty:netty-codec-http.
Bumps the maven group with 1 update in the /frameworks/Java/undertow-jersey directory: io.undertow:undertow-core.
Bumps the maven group with 1 update in the /frameworks/Java/undertow directory: io.undertow:undertow-core.
Bumps the maven group with 1 update in the /frameworks/Java/light-java directory: io.undertow:undertow-core.
Bumps the maven group with 1 update in the /frameworks/Java/ninja-standalone directory: com.fasterxml.jackson.core:jackson-core.
Bumps the maven group with 1 update in the /frameworks/Java/activeweb directory: com.fasterxml.jackson.core:jackson-core.
Bumps the maven group with 1 update in the /frameworks/Java/microhttp directory: com.fasterxml.jackson.core:jackson-core.
Bumps the maven group with 1 update in the /frameworks/Kotlin/kooby directory: org.postgresql:postgresql.
Bumps the maven group with 1 update in the /frameworks/Java/jooby directory: org.postgresql:postgresql.
Bumps the maven group with 1 update in the /frameworks/Java/wicket directory: org.apache.wicket:wicket-core.
Bumps the maven group with 1 update in the /frameworks/Java/javalin directory: gg.jte:jte.
Bumps the maven group with 1 update in the /frameworks/Java/restexpress directory: com.fasterxml.jackson.core:jackson-databind.

Updates io.vertx:vertx-web from 4.3.8 to 4.5.22

Commits

188938c Releasing 4.5.22
284cf73 StaticHandler should not serve files under hidden directories
b3edd39 Fix failing test due to Java 11 syntax usage
83fb341 Update StaticDirectoryListHandlerTest
78e61fc Make sure test dir is cleaned up
f2dbc2a StaticHandler should encode file names in directory listing
6c6aab0 Upgrade CI to Java 25
2c18f46 fix #2765: CookieSessionStore requires twice auth on first login (#2802)
2417a02 feature #2800 CORS: support moz-extension (#2804)
a02afbb This test fails repeatedly on Windows (gets 400 BAD Request). (#2791)
Additional commits viewable in compare view

Updates io.netty:netty-codec-http from 4.1.108.Final to 4.1.125.Final

Commits

56ea976 [maven-release-plugin] prepare release netty-4.1.125.Final
34894ac Merge commit from fork (#15612)
39d3ecf Merge commit from fork
151a486 Update to latest maven release (#15607)
af9c77e Update maven-surefire-plugin (#15186) (#15191)
105fedc Update JDK releases to latest patch release (#15601) (#15605)
bcd70f0 Fix IllegalReferenceCountException on invalid upgrade response (#15602) (#15606)
5e62bd4 Drop unknown frame on missing stream (#15592) (#15595)
864a569 Replace Java23 with Java24 for CI testing (#15102) (#15158)
f1cad0d Update to latest netty-tcnative release (#15587) (#15590)
Additional commits viewable in compare view

Updates io.undertow:undertow-core from 2.3.17.Final to 2.3.19.Final

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.3.19.Final

Release 2.3.19.Final fixes CVE-2024-4109 Full list of issues: view in Jira
    Release Notes - Undertow - Version 2.3.19.Final

... (truncated)

Commits

6c5d2f1 Prepare 2.3.19.Final
b1882cc Merge pull request #1782 from fl4via/backport-fixes_2.3.x
f8e4cef [UNDERTOW-2601] Update staging repository from wildfly-staging to jboss-io
e8eecc8 [UNDERTOW-2600] Upgrade jboss-parent pom to 50
3302cc9 [UNDERTOW-2601] Add developers and basic nexus settings to parent pom.xml
bd7ade7 [UNDERTOW-2522] Make maven compiler plugin fail on error so it does not obfus...
b259069 Merge pull request #1769 from fl4via/backport-fixes_2.3.x
67bfb3d [UNDERTOW-2576] ProxyHandler can throw NullPointerException if the source add...
2bb93ae [UNDERTOW-2574] At AbstractFramedChannel, also cover for the case where frame...
35f4863 [UNDERTOW-2574] Make sure the allocated buffer is closed in case AbstractFram...
Additional commits viewable in compare view

Updates io.undertow:undertow-core from 2.3.17.Final to 2.3.19.Final

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.3.19.Final

Release 2.3.19.Final fixes CVE-2024-4109 Full list of issues: view in Jira
    Release Notes - Undertow - Version 2.3.19.Final

... (truncated)

Commits

6c5d2f1 Prepare 2.3.19.Final
b1882cc Merge pull request #1782 from fl4via/backport-fixes_2.3.x
f8e4cef [UNDERTOW-2601] Update staging repository from wildfly-staging to jboss-io
e8eecc8 [UNDERTOW-2600] Upgrade jboss-parent pom to 50
3302cc9 [UNDERTOW-2601] Add developers and basic nexus settings to parent pom.xml
bd7ade7 [UNDERTOW-2522] Make maven compiler plugin fail on error so it does not obfus...
b259069 Merge pull request #1769 from fl4via/backport-fixes_2.3.x
67bfb3d [UNDERTOW-2576] ProxyHandler can throw NullPointerException if the source add...
2bb93ae [UNDERTOW-2574] At AbstractFramedChannel, also cover for the case where frame...
35f4863 [UNDERTOW-2574] Make sure the allocated buffer is closed in case AbstractFram...
Additional commits viewable in compare view

Updates io.undertow:undertow-core from 2.3.17.Final to 2.3.19.Final

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.3.19.Final

Release 2.3.19.Final fixes CVE-2024-4109 Full list of issues: view in Jira
    Release Notes - Undertow - Version 2.3.19.Final

... (truncated)

Commits

6c5d2f1 Prepare 2.3.19.Final
b1882cc Merge pull request #1782 from fl4via/backport-fixes_2.3.x
f8e4cef [UNDERTOW-2601] Update staging repository from wildfly-staging to jboss-io
e8eecc8 [UNDERTOW-2600] Upgrade jboss-parent pom to 50
3302cc9 [UNDERTOW-2601] Add developers and basic nexus settings to parent pom.xml
bd7ade7 [UNDERTOW-2522] Make maven compiler plugin fail on error so it does not obfus...
b259069 Merge pull request #1769 from fl4via/backport-fixes_2.3.x
67bfb3d [UNDERTOW-2576] ProxyHandler can throw NullPointerException if the source add...
2bb93ae [UNDERTOW-2574] At AbstractFramedChannel, also cover for the case where frame...
35f4863 [UNDERTOW-2574] Make sure the allocated buffer is closed in case AbstractFram...
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.9.9 to 2.15.0

Changelog

Sourced from com.fasterxml.jackson.core:jackson-core's changelog.

#release configuration #Sun Apr 23 14:19:10 PDT 2023 scm.commentPrefix=[maven-release-plugin] exec.pomFileName=pom.xml pushChanges=false releaseStrategyId=default project.dev.com.fasterxml.jackson.core:jackson-core=2.15.1-SNAPSHOT project.scm.com.fasterxml.jackson.core:jackson-core.connection=scm:git:git@github.com:FasterXML/jackson-core.git scm.tag=jackson-core-2.15.0 remoteTagging=true project.scm.com.fasterxml.jackson.core:jackson-core.developerConnection=scm:git:git@github.com:FasterXML/jackson-core.git exec.additionalArguments=-Prelease scm.branchCommitComment=@{prefix} prepare branch @{releaseLabel} projectVersionPolicyId=default scm.url=scm:git:git@github.com:FasterXML/jackson-core.git scm.tagNameFormat=@{project.artifactId}-@{project.version} project.scm.com.fasterxml.jackson.core:jackson-core.tag=HEAD pinExternals=false project.rel.com.fasterxml.jackson.core:jackson-core=2.15.0 preparationGoals=clean verify scm.releaseCommitComment=@{prefix} prepare release @{releaseLabel} exec.snapshotReleasePluginAllowed=false project.scm.com.fasterxml.jackson.core:jackson-core.url=https://github.com/FasterXML/jackson-core scm.developmentCommitComment=@{prefix} prepare for next development iteration scm.rollbackCommitComment=@{prefix} rollback the release of @{releaseLabel} completedPhase=end-release

Commits

a2c0bdc [maven-release-plugin] prepare release jackson-core-2.15.0
180027a Prepare for 2.15.0 release
2b41925 ...
85340aa Merge branch '2.14' into 2.15
ed846d9 ...
94ea208 Update release notes wrt #990
a4f2086 [2.14 only] backport removal of BigDecimal to BigInt conversion (#990)
1976c0d Try to get Release workflow working wrt SLSA provenance (fix #844) (#989)
0ee3ad8 ...
163540e [maven-release-plugin] prepare for next development iteration
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.9.9 to 2.15.0

Changelog

Sourced from com.fasterxml.jackson.core:jackson-core's changelog.

#release configuration #Sun Apr 23 14:19:10 PDT 2023 scm.commentPrefix=[maven-release-plugin] exec.pomFileName=pom.xml pushChanges=false releaseStrategyId=default project.dev.com.fasterxml.jackson.core:jackson-core=2.15.1-SNAPSHOT project.scm.com.fasterxml.jackson.core:jackson-core.connection=scm:git:git@github.com:FasterXML/jackson-core.git scm.tag=jackson-core-2.15.0 remoteTagging=true project.scm.com.fasterxml.jackson.core:jackson-core.developerConnection=scm:git:git@github.com:FasterXML/jackson-core.git exec.additionalArguments=-Prelease scm.branchCommitComment=@{prefix} prepare branch @{releaseLabel} projectVersionPolicyId=default scm.url=scm:git:git@github.com:FasterXML/jackson-core.git scm.tagNameFormat=@{project.artifactId}-@{project.version} project.scm.com.fasterxml.jackson.core:jackson-core.tag=HEAD pinExternals=false project.rel.com.fasterxml.jackson.core:jackson-core=2.15.0 preparationGoals=clean verify scm.releaseCommitComment=@{prefix} prepare release @{releaseLabel} exec.snapshotReleasePluginAllowed=false project.scm.com.fasterxml.jackson.core:jackson-core.url=https://github.com/FasterXML/jackson-core scm.developmentCommitComment=@{prefix} prepare for next development iteration scm.rollbackCommitComment=@{prefix} rollback the release of @{releaseLabel} completedPhase=end-release

Commits

a2c0bdc [maven-release-plugin] prepare release jackson-core-2.15.0
180027a Prepare for 2.15.0 release
2b41925 ...
85340aa Merge branch '2.14' into 2.15
ed846d9 ...
94ea208 Update release notes wrt #990
a4f2086 [2.14 only] backport removal of BigDecimal to BigInt conversion (#990)
1976c0d Try to get Release workflow working wrt SLSA provenance (fix #844) (#989)
0ee3ad8 ...
163540e [maven-release-plugin] prepare for next development iteration
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-core from 2.13.3 to 2.15.0

Changelog

Sourced from com.fasterxml.jackson.core:jackson-core's changelog.

#release configuration #Sun Apr 23 14:19:10 PDT 2023 scm.commentPrefix=[maven-release-plugin] exec.pomFileName=pom.xml pushChanges=false releaseStrategyId=default project.dev.com.fasterxml.jackson.core:jackson-core=2.15.1-SNAPSHOT project.scm.com.fasterxml.jackson.core:jackson-core.connection=scm:git:git@github.com:FasterXML/jackson-core.git scm.tag=jackson-core-2.15.0 remoteTagging=true project.scm.com.fasterxml.jackson.core:jackson-core.developerConnection=scm:git:git@github.com:FasterXML/jackson-core.git exec.additionalArguments=-Prelease scm.branchCommitComment=@{prefix} prepare branch @{releaseLabel} projectVersionPolicyId=default scm.url=scm:git:git@github.com:FasterXML/jackson-core.git scm.tagNameFormat=@{project.artifactId}-@{project.version} project.scm.com.fasterxml.jackson.core:jackson-core.tag=HEAD pinExternals=false project.rel.com.fasterxml.jackson.core:jackson-core=2.15.0 preparationGoals=clean verify scm.releaseCommitComment=@{prefix} prepare release @{releaseLabel} exec.snapshotReleasePluginAllowed=false project.scm.com.fasterxml.jackson.core:jackson-core.url=https://github.com/FasterXML/jackson-core scm.developmentCommitComment=@{prefix} prepare for next development iteration scm.rollbackCommitComment=@{prefix} rollback the release of @{releaseLabel} completedPhase=end-release

Commits

a2c0bdc [maven-release-plugin] prepare release jackson-core-2.15.0
180027a Prepare for 2.15.0 release
2b41925 ...
85340aa Merge branch '2.14' into 2.15
ed846d9 ...
94ea208 Update release notes wrt #990
a4f2086 [2.14 only] backport removal of BigDecimal to BigInt conversion (#990)
1976c0d Try to get Release workflow working wrt SLSA provenance (fix #844) (#989)
0ee3ad8 ...
163540e [maven-release-plugin] prepare for next development iteration
Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.7.4 to 42.7.7

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.7

Changes

Security

security: Client Allows Fallback to Insecure Authentication Despite channelBinding=require configuration. Fix channel binding required handling to reject non-SASL authentication Previously, when channel binding was set to "require", the driver would silently ignore this requirement for non-SASL authentication methods. This could lead to a false sense of security when channel binding was explicitly requested but not actually enforced. The fix ensures that when channel binding is set to "require", the driver will reject connections that use non-SASL authentication methods or when SASL authentication has not completed properly. See the Security Advisory for more detail. Reported by George MacKerron The following CVE-2025-49146 has been issued

Added

test: Added ChannelBindingRequiredTest to verify proper behavior of channel binding settings

🐛 Bug Fixes

fix: ensure Connection.isValid() returns true even if prepared statements deallocate @vlsi (#3655)

🧰 Maintenance

chore: bump slf4j and logback versions used for pgjdbc-osgi-test @vlsi (#3653)

chore: fix the default branch name for dependency-submission action @vlsi (#3650)

chore: add gradle/actions/dependency-submission so GitHub shows all dependencies used when building pgjdbc @vlsi (#3646)

⬆️ Dependencies

chore: bump slf4j and logback versions used for pgjdbc-osgi-test @vlsi (#3653)

chore(deps): update oracle-actions/setup-java action to v1.4.2 @renovate-bot (#3643)

fix(deps): update dependency checkstyle to v10.25.0 @renovate-bot (#3644)

chore: add gradle/actions/dependency-submission so GitHub shows all dependencies used when building pgjdbc @vlsi (#3646)

fix(deps): update dependency org.codehaus.groovy:groovy-all to v3.0.25 @renovate-bot (#3648)

fix(deps): update dependency org.openrewrite.rewrite:org.openrewrite.rewrite.gradle.plugin to v7.7.0 @renovate-bot (#3649)

chore(deps): update plugin com.gradle.develocity to v4.0.2 @renovate-bot (#3647)

chore(deps): update codecov/codecov-action digest to 15559ed @renovate-bot (#3636)

chore(deps): update dependency gradle to v8.14.1 @renovate-bot (#3637)

chore(deps): update plugin org.jetbrains.kotlin.jvm to v2.1.21 - autoclosed @renovate-bot (#3638)

chore(deps): update dependency sbt/sbt to v1.11.0 @renovate-bot (#3640)

fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6.1.13 @renovate-bot (#3639)

v42.7.6

Changes

... (truncated)

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.7] (2025-06-10)

Security

security: Client Allows Fallback to Insecure Authentication Despite channelBinding=require configuration. Fix channel binding required handling to reject non-SASL authentication Previously, when channel binding was set to "require", the driver would silently ignore this requirement for non-SASL authentication methods. This could lead to a false sense of security when channel binding was explicitly requested but not actually enforced. The fix ensures that when channel binding is set to "require", the driver will reject connections that use non-SASL authentication methods or when SASL authentication has not completed properly. See the Security Advisory for more detail. Reported by George MacKerron The following CVE-2025-49146 has been issued

Added

test: Added ChannelBindingRequiredTest to verify proper behavior of channel binding settings

[42.7.6]

Features

fix: Enhanced DatabaseMetadata.getIndexInfo() method, added index comment as REMARKS property [PR #3513](pgjdbc/pgjdbc#3513)

Performance Improvements

performance: Improve ResultSetMetadata.fetchFieldMetaData by using IN row values instead of UNION ALL for improved query performance (later reverted) [PR #3510](pgjdbc/pgjdbc#3510)

feat:Use a single simple query for all startup parameters, so groupStartupParameters is no longer needed [PR #3613](pgjdbc/pgjdbc#3613)

Bug Fixes

Protocol & Connection Handling

fix: Send extra_float_digits=3 for PostgreSQL 12+ as well [PR #3491](pgjdbc/pgjdbc#3491)

fix: Fixed handling of protocol 3.2 and wider cancel keys [PR #3592](pgjdbc/pgjdbc#3592)

fix: Made PgConnection#abort compatible with Java 24 [PR #3582](pgjdbc/pgjdbc#3582)

fix: Fixed ArrayIndexOutOfBounds when writing big objects into GSS enabled connections [PR #3500](pgjdbc/pgjdbc#3500)

fix: Added back application name setting [PR #3509](pgjdbc/pgjdbc#3509)

Metadata & Catalog Handling

fix: Set column name explicitly when using current_database() in queries [PR #3526](pgjdbc/pgjdbc#3526)

fix: Use query to find the current catalog instead of relying on the database in the connection URL [pull #3565](pgjdbc/pgjdbc#3565)

fix: Refactored empty resultset to use empty result set if the catalog is not correct [PR #3588](pgjdbc/pgjdbc#3588)

API Improvements

fix: Undeprecated Fastpath API and fixed deprecation warnings [PR #3493](pgjdbc/pgjdbc#3493)

fix: Undeprecated sslfactoryarg [PR #3496](pgjdbc/pgjdbc#3496)

fix: Added PgMessageType and used static variables for protocol literals [PR #3609](pgjdbc/pgjdbc#3609)

fix: Add the ability to turn off automatic LSN flush [PR #3403](pgjdbc/pgjdbc#3403)

fix: isValid incorrectly called execute, instead of executeWithFlags [PR #3631](pgjdbc/pgjdbc#3631). Fixes [Issue #3630](pgjdbc/pgjdbc#3630)

fix: EOFException on PreparedStatement#toString with unset bytea parameter since 42.7.4 Commit 0a88ea4. Fixes [Issue #3365](pgjdbc/pgjdbc#3365)

Infrastructure & Build Improvements

... (truncated)

Commits

9217ed1 Merge commit from fork
cb10dce fix: ensure Connection.isValid() returns true even if prepared statements dea...
10e3546 chore: bump slf4j and logback versions used for pgjdbc-osgi-test
6c5ea88 chore: fix the default branch name for dependency-submission action
5616d5f chore(deps): update oracle-actions/setup-java action to v1.4.2
0d43f0a fix(deps): update dependency checkstyle to v10.25.0
d0a8890 chore: add gradle/actions/dependency-submission so GitHub shows all dependenc...
7105c75 fix(deps): update dependency org.codehaus.groovy:groovy-all to v3.0.25
d9a6fc6 fix(deps): update dependency org.openrewrite.rewrite:org.openrewrite.rewrite....
19dff83 chore(deps): update plugin com.gradle.develocity to v4.0.2
Additional commits viewable in compare view

Updates org.postgresql:postgresql from 42.7.4 to 42.7.7

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.7

Changes

Security

security: Client Allows Fallback to Insecure Authentication Despite channelBinding=require configuration. Fix channel binding required handling to reject non-SASL authentication Previously, when channel binding was set to "require", the driver would silently ignore this requirement for non-SASL authentication methods. This could lead to a false sense of security when channel binding was explicitly requested but not actually enforced. The fix ensures that when channel binding is set to "require", the driver will reject connections that use non-SASL authentication methods or when SASL authentication has not completed properly. See the Security Advisory for more detail. Reported by George MacKerron The following CVE-2025-49146 has been issued

Added

test: Added ChannelBindingRequiredTest to verify proper behavior of channel binding settings

🐛 Bug Fixes

fix: ensure Connection.isValid() returns true even if prepared statements deallocate @vlsi (#3655)

🧰 Maintenance

chore: bump slf4j and logback versions used for pgjdbc-osgi-test @vlsi (#3653)

chore: fix the default branch name for dependency-submission action @vlsi (#3650)

chore: add gradle/actions/dependency-submission so GitHub shows all dependencies used when building pgjdbc @vlsi (#3646)

⬆️ Dependencies

chore: bump slf4j and logback versions used for pgjdbc-osgi-test @vlsi (#3653)

chore(deps): update oracle-actions/setup-java action to v1.4.2 @renovate-bot (#3643)

fix(deps): update dependency checkstyle to v10.25.0 @renovate-bot (#3644)

chore: add gradle/actions/dependency-submission so GitHub shows all dependencies used when building pgjdbc @vlsi (#3646)

fix(deps): update dependency org.codehaus.groovy:groovy-all to v3.0.25 @renovate-bot (#3648)

fix(deps): update dependency org.openrewrite.rewrite:org.openrewrite.rewrite.gradle.plugin to v7.7.0 @renovate-bot (#3649)

chore(deps): update plugin com.gradle.develocity to v4.0.2 @renovate-bot (#3647)

chore(deps): update codecov/codecov-action digest to 15559ed @renovate-bot (#3636)

chore(deps): update dependency gradle to v8.14.1 @renovate-bot (#3637)

chore(deps): update plugin org.jetbrains.kotlin.jvm to v2.1.21 - autoclosed @renovate-bot (#3638)

chore(deps): update dependency sbt/sbt to v1.11.0 @renovate-bot (#3640)

fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6.1.13 @renovate-bot (#3639)

v42.7.6

Changes

... (truncated)

Changelog

Sourced from org.postgresql:postgresql's changelog.

[42.7.7] (2025-06-10)

Security

security: Client Allows Fallback to Insecure Authentication Despite channelBinding=require configuration. Fix channel binding required handling to reject non-SASL authentication Previously, when channel binding was set to "require", the driver would silently ignore this requirement for non-SASL authentication methods. This could lead to a false sense of security when channel binding was explicitly requested but not actually enforced. The fix ensures that when channel binding is set to "require", the driver will reject connections that use non-SASL authentication methods or when SASL authentication has not completed properly. See the Security Advisory for more detail. Reported by George MacKerron The following CVE-2025-49146 has been issued

Added

test: Added ChannelBindingRequiredTest to verify proper behavior of channel binding settings

[42.7.6]

Features

fix: Enhanced DatabaseMetadata.getIndexInfo() method, added index comment as REMARKS property [PR #3513](pgjdbc/pgjdbc#3513)

Performance Improvements

performance: Improve ResultSetMetadata.fetchFieldMetaData by using IN row values instead of UNION ALL for improved query performance (later reverted) [PR #3510](pgjdbc/pgjdbc#3510)

feat:Use a single simple query for all startup parameters, so groupStartupParameters is no longer needed [PR #3613](pgjdbc/pgjdbc#3613)

Bug Fixes

Protocol & Connection Handling

fix: Send extra_float_digits=3 for PostgreSQL 12+ as well [PR #3491](pgjdbc/pgjdbc#3491)

fix: Fixed handling of protocol 3.2 and wider cancel keys [PR #3592](pgjdbc/pgjdbc#3592)

fix: Made PgConnection#abort compatible with Java 24 [PR #3582](pgjdbc/pgjdbc#3582)

fix: Fixed ArrayIndexOutOfBounds when writing big objects into GSS enabled connections [PR #3500](pgjdbc/pgjdbc#3500)

fix: Added back application name setting [PR #3509](pgjdbc/pgjdbc#3509)

Metadata & Catalog Handling

fix: Set column name explicitly when using current_database() in queries [PR #3526](pgjdbc/pgjdbc#3526)

fix: Use query to find the current catalog instead of relying on the database in the connection URL [pull #3565](pgjdbc/pgjdbc#3565)

fix: Refactored empty resultset to use empty result set if the catalog is not correct [PR #3588](pgjdbc/pgjdbc#3588)

API Improvements

fix: Undeprecated Fastpath API and fixed deprecation warnings [PR #3493](pgjdbc/pgjdbc#3493)

fix: Undeprecated sslfactoryarg [PR #3496](pgjdbc/pgjdbc#3496)

fix: Added PgMessageType and used static variables for protocol literals [PR #3609](pgjdbc/pgjdbc#3609)

fix: Add the ability to turn off automatic LSN flush [PR #3403](pgjdbc/pgjdbc#3403)

fix: isValid incorrectly called execute, instead of executeWithFlags [PR #3631](pgjdbc/pgjdbc#3631). Fixes [Issue #3630](pgjdbc/pgjdbc#3630)

fix: EOFException on PreparedStatement#toString with unset bytea parameter since 42.7.4 Commit 0a88ea4. Fixes [Issue #3365](pgjdbc/pgjdbc#3365)

Infrastructure & Build Improvements

... (truncated)

Commits

9217ed1 Merge commit from fork
cb10dce fix: ensure Connection.isValid() returns true even if prepared statements dea...
10e3546 chore: bump slf4j and logback versions used for pgjdbc-osgi-test
6c5ea88 chore: fix the default branch name for dependency-submission action
5616d5f chore(deps): update oracle-actions/setup-java action to v1.4.2
0d43f0a fix(deps): update dependency checkstyle to v10.25.0
d0a8890 chore: add gradle/actions/dependency-submission so GitHub shows all dependenc...
7105c75 fix(deps): update dependency org.codehaus.groovy:groovy-all to v3.0.25
d9a6fc6 fix(deps): update dependency org.openrewrite.rewrite:org.openrewrite.rewrite....
19dff83 chore(deps): update plugin com.gradle.develocity to v4.0.2
Additional commits viewable in compare view

Updates org.apache.wicket:wicket-core from 9.18.0 to 9.19.0

Updates gg.jte:jte from 2.2.3 to 3.1.16

Release notes

Sourced from gg.jte:jte's releases.

3.1.16

GHSA-vh22-6c6h-rm8q Fix jte HTML templates with script tags or script attributes that include a Javascript template string (backticks) are subject to XSS. (thanks to https://github.com/Petersoj for reporting and reviewing the bugfix) It is strongly advised to upgrade as soon as possible if you use jte to output variables in Javascript template strings.

#416 Fix compilation in module enabled applications (thanks to @rickardoberg)

3.1.15

#401 spring-boot-starter: temporarily revert #398 (Add template change watcher for livereload), since the devtools dependency causes issues with production builds. This will get re-introduced, when we find a proper solution for it

3.1.14

#398 spring-boot-starter: Add template change watcher for livereload (thanks to @tschuehly!)

3.1.13

#365 Suppress warnings in generated Java source files. Thanks @rpost!

#381 make jte a non-optional dependency of spring-boot-starter-3

#385 Update property names to use kebab-case format and update Spring Boot to version 3.3.4. Thanks @tschuehly!

#388 Add spring-boot-starter dependency to jte-spring-boot-starters. Thanks @tschuehly!

#378 Add new property gg.jte.expose-request-attributes to jte-spring-boot-starter-3. Thanks @blaluc!

3.1.12

#359 fix for comments between html attributes (thanks to @tschuehly for finding & reporting)

3.1.11

#356 add defer and inert to the list of boolean attributes (thanks to @marcospereira)

#357 use of modern Java features and APIs internally (thanks to @marcospereira)

#358 add jte-jsp-converter-jakarta module (preview)

3.1.10

#328 Fix ${"\\"} causes "Unexpected end of template expression", thanks to @mhdeeb

#326 fix unsafe output in html tag content

#333 Update Gradle to 8.6 and add wrapper validation, thanks to @leonard84

#339 Maven Plugin: Fix Kotlin compiler args parameter setting, thanks to @marcospereira

3.1.9

Hotfix for #325, HTML Comments Inside Content Blocks Cause Compilation Failure in jte 3.1.7/3.1.8

Thank you @PsychotherapistSam for reporting!

3.1.8

Caution! There is a bug with HTML comments in this release. Please upgrade to 3.1.9 instead.

#324 Fix Kotlin models extension code generation for tags/templates in subfolders. Thanks @marcospereira for this quick hotfix!

3.1.7

Caution! There is a bug with HTML comments and with Kotlin model generation in this release. Please upgrade to 3.1.9 instead.
#311 Use Stream#toList() instead of collect(). Thanks to @MariusVolkhart This change could potentially break user code for these public methods:
 public List<String> TemplateEngine#generateAll()
 public List<String> TemplateEngine#precompileAll()

... (truncated)

Commits

d50dce8 Bump version to 3.1.16
a6fb00d Merge commit from fork
0c7d4ad Fix compilation in module enabled applications (#416)
6f5434e ci: Re-arrange workflows to remove duplication (#410)
190ced3 Fix broken link
afc0dac Bump version to 3.1.16-SNAPSHOT for further development
0b4d997 Bump version to 3.1.15
1ea5060 Revert "Add template change watcher for livereload (#398)"
1513abf Bump version to 3.1.15-SNAPSHOT for further development
6c22d52 Bump version to 3.1.14
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.12.6.1 to 2.12.7.1

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this gro...

Description has been truncated

Bumps the maven group with 1 update in the /frameworks/Prolog/tuProlog directory: [io.vertx:vertx-web](https://github.com/vert-x3/vertx-web). Bumps the maven group with 1 update in the /frameworks/Java/netty directory: [io.netty:netty-codec-http](https://github.com/netty/netty). Bumps the maven group with 1 update in the /frameworks/Java/undertow-jersey directory: [io.undertow:undertow-core](https://github.com/undertow-io/undertow). Bumps the maven group with 1 update in the /frameworks/Java/undertow directory: [io.undertow:undertow-core](https://github.com/undertow-io/undertow). Bumps the maven group with 1 update in the /frameworks/Java/light-java directory: [io.undertow:undertow-core](https://github.com/undertow-io/undertow). Bumps the maven group with 1 update in the /frameworks/Java/ninja-standalone directory: [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core). Bumps the maven group with 1 update in the /frameworks/Java/activeweb directory: [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core). Bumps the maven group with 1 update in the /frameworks/Java/microhttp directory: [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core). Bumps the maven group with 1 update in the /frameworks/Kotlin/kooby directory: [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc). Bumps the maven group with 1 update in the /frameworks/Java/jooby directory: [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc). Bumps the maven group with 1 update in the /frameworks/Java/wicket directory: org.apache.wicket:wicket-core. Bumps the maven group with 1 update in the /frameworks/Java/javalin directory: [gg.jte:jte](https://github.com/casid/jte). Bumps the maven group with 1 update in the /frameworks/Java/restexpress directory: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson). Updates `io.vertx:vertx-web` from 4.3.8 to 4.5.22 - [Commits](vert-x3/vertx-web@4.3.8...4.5.22) Updates `io.netty:netty-codec-http` from 4.1.108.Final to 4.1.125.Final - [Commits](netty/netty@netty-4.1.108.Final...netty-4.1.125.Final) Updates `io.undertow:undertow-core` from 2.3.17.Final to 2.3.19.Final - [Release notes](https://github.com/undertow-io/undertow/releases) - [Commits](undertow-io/undertow@2.3.17.Final...2.3.19.Final) Updates `io.undertow:undertow-core` from 2.3.17.Final to 2.3.19.Final - [Release notes](https://github.com/undertow-io/undertow/releases) - [Commits](undertow-io/undertow@2.3.17.Final...2.3.19.Final) Updates `io.undertow:undertow-core` from 2.3.17.Final to 2.3.19.Final - [Release notes](https://github.com/undertow-io/undertow/releases) - [Commits](undertow-io/undertow@2.3.17.Final...2.3.19.Final) Updates `com.fasterxml.jackson.core:jackson-core` from 2.9.9 to 2.15.0 - [Changelog](https://github.com/FasterXML/jackson-core/blob/jackson-core-2.15.0/release.properties) - [Commits](FasterXML/jackson-core@jackson-core-2.9.9...jackson-core-2.15.0) Updates `com.fasterxml.jackson.core:jackson-core` from 2.9.9 to 2.15.0 - [Changelog](https://github.com/FasterXML/jackson-core/blob/jackson-core-2.15.0/release.properties) - [Commits](FasterXML/jackson-core@jackson-core-2.9.9...jackson-core-2.15.0) Updates `com.fasterxml.jackson.core:jackson-core` from 2.13.3 to 2.15.0 - [Changelog](https://github.com/FasterXML/jackson-core/blob/jackson-core-2.15.0/release.properties) - [Commits](FasterXML/jackson-core@jackson-core-2.9.9...jackson-core-2.15.0) Updates `org.postgresql:postgresql` from 42.7.4 to 42.7.7 - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.7.4...REL42.7.7) Updates `org.postgresql:postgresql` from 42.7.4 to 42.7.7 - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.7.4...REL42.7.7) Updates `org.apache.wicket:wicket-core` from 9.18.0 to 9.19.0 Updates `gg.jte:jte` from 2.2.3 to 3.1.16 - [Release notes](https://github.com/casid/jte/releases) - [Commits](casid/jte@2.2.3...3.1.16) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.12.6.1 to 2.12.7.1 - [Commits](https://github.com/FasterXML/jackson/commits) --- updated-dependencies: - dependency-name: io.vertx:vertx-web dependency-version: 4.5.22 dependency-type: direct:production dependency-group: maven - dependency-name: io.netty:netty-codec-http dependency-version: 4.1.125.Final dependency-type: direct:production dependency-group: maven - dependency-name: io.undertow:undertow-core dependency-version: 2.3.19.Final dependency-type: direct:production dependency-group: maven - dependency-name: io.undertow:undertow-core dependency-version: 2.3.19.Final dependency-type: direct:production dependency-group: maven - dependency-name: io.undertow:undertow-core dependency-version: 2.3.19.Final dependency-type: direct:production dependency-group: maven - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.15.0 dependency-type: direct:production dependency-group: maven - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.15.0 dependency-type: direct:production dependency-group: maven - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.15.0 dependency-type: direct:production dependency-group: maven - dependency-name: org.postgresql:postgresql dependency-version: 42.7.7 dependency-type: direct:production dependency-group: maven - dependency-name: org.postgresql:postgresql dependency-version: 42.7.7 dependency-type: direct:production dependency-group: maven - dependency-name: org.apache.wicket:wicket-core dependency-version: 9.19.0 dependency-type: direct:production dependency-group: maven - dependency-name: gg.jte:jte dependency-version: 3.1.16 dependency-type: direct:production dependency-group: maven - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.12.7.1 dependency-type: direct:production dependency-group: maven ... Signed-off-by: dependabot[bot] <support@github.com>

coderabbitai · 2025-10-22T19:42:29Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 22, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

Bump the maven group across 13 directories with 8 updates#40

Bump the maven group across 13 directories with 8 updates#40
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/frameworks/Prolog/tuProlog/maven-124600fd39

dependabot bot commented on behalf of github Oct 22, 2025

Uh oh!

coderabbitai bot commented Oct 22, 2025

Review skipped

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Comments

Conversation

dependabot bot commented on behalf of github Oct 22, 2025

v.2.3.19.Final

v.2.3.19.Final

v.2.3.19.Final

v42.7.7

Changes

Security

Added

🐛 Bug Fixes

🧰 Maintenance

⬆️ Dependencies

v42.7.6

Changes

[42.7.7] (2025-06-10)

Security

Added

[42.7.6]

Features

Performance Improvements

Bug Fixes

Protocol & Connection Handling

Metadata & Catalog Handling

API Improvements

Infrastructure & Build Improvements

v42.7.7

Changes

Security

Added

🐛 Bug Fixes

🧰 Maintenance

⬆️ Dependencies

v42.7.6

Changes

[42.7.7] (2025-06-10)

Security

Added

[42.7.6]

Features

Performance Improvements

Bug Fixes

Protocol & Connection Handling

Metadata & Catalog Handling

API Improvements

Infrastructure & Build Improvements

3.1.16

3.1.15

3.1.14

3.1.13

3.1.12

3.1.11

3.1.10

3.1.9

3.1.8

3.1.7

Uh oh!

coderabbitai bot commented Oct 22, 2025

Review skipped

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants