navicore/navijson
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Update dependency sbt/sbt to v1.9.4 #34

Merged
renovate[bot] merged 1 commit from renovate/sbt-sbt-1.x into master 2023-08-25 12:34:47 +00:00
Conversation 0 Commits 1 Files changed 1 +1 -1
renovate[bot] commented 2023-08-25 03:18:01 +00:00 (Migrated from github.com)
Copy link

Mend Renovate

This PR contains the following updates:

Package Update Change
sbt/sbt patch 1.9.3 -> 1.9.4

Release Notes

sbt/sbt (sbt/sbt)

v1.9.4: 1.9.4

Compare Source

CVE-2022-46751

CVE-2022-46751 is a security vulnerability discovered in Apache Ivy, but found also in Coursier.

With coordination with Apache Foundation, Adrien Piquerez (@​adpi2) from Scala Center backported the fix to both our Ivy 2.3 fork and Coursier. sbt 1.9.4 updates them to the fixed versions.

Other updates

new contributors

Full Changelog: https://github.com/sbt/sbt/compare/v1.9.3...v1.9.4

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [sbt/sbt](https://togithub.com/sbt/sbt) | patch | `1.9.3` -> `1.9.4` | --- ### Release Notes <details> <summary>sbt/sbt (sbt/sbt)</summary> ### [`v1.9.4`](https://togithub.com/sbt/sbt/releases/tag/v1.9.4): 1.9.4 [Compare Source](https://togithub.com/sbt/sbt/compare/v1.9.3...v1.9.4) ##### CVE-2022-46751 [CVE-2022-46751](https://togithub.com/advisories/GHSA-2jc4-r94c-rp7h) is a security vulnerability discovered in Apache Ivy, but found also in Coursier. With coordination with Apache Foundation, Adrien Piquerez ([@&#8203;adpi2](https://togithub.com/adpi2)) from Scala Center backported the fix to both our Ivy 2.3 fork and Coursier. sbt 1.9.4 updates them to the fixed versions. #### Other updates - Fixes `sbt_script` lookup by replacing all spaces with `%20` (not only the first one) in the path. by [@&#8203;arturaz](https://togithub.com/arturaz) in [https://github.com/sbt/sbt/pull/7349](https://togithub.com/sbt/sbt/pull/7349) - Fixes [scala-debug-adapter#543](https://togithub.com/scala-debug-adapter/sbt/issues/543): Maintain order of internal deps by [@&#8203;adpi2](https://togithub.com/adpi2) in [https://github.com/sbt/sbt/pull/7347](https://togithub.com/sbt/sbt/pull/7347) - Removes `conscriptConfigs` task, not used and needed(?) anymore by [@&#8203;mkurz](https://togithub.com/mkurz) in [https://github.com/sbt/sbt/pull/7353](https://togithub.com/sbt/sbt/pull/7353) - Adds a Scala 3 seed to the `sbt new` menu by [@&#8203;SethTisue](https://togithub.com/SethTisue) in [https://github.com/sbt/sbt/pull/7354](https://togithub.com/sbt/sbt/pull/7354) #### new contributors - [@&#8203;arturaz](https://togithub.com/arturaz) made their first contribution in [https://github.com/sbt/sbt/pull/7349](https://togithub.com/sbt/sbt/pull/7349) **Full Changelog**: https://github.com/sbt/sbt/compare/v1.9.3...v1.9.4 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/navicore/navijson). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi41Ni4wIiwidXBkYXRlZEluVmVyIjoiMzYuNTYuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug
Something isn't working

  
duplicate
This issue or pull request already exists

  
enhancement
New feature or request

  
good first issue
Good for newcomers

  
help wanted
Extra attention is needed

  
invalid
This doesn't seem right

  
question
Further information is requested

  
wontfix
This will not be worked on

No labels
bug
duplicate
enhancement
good first issue
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
navicore/navijson!34
No description provided.