Consolidated Dependency Updates (Take2)

[melba-lopez]

Description

ORIGINAL PR #2725

Consolidated dependency updates

Package	Type	Update	Change
'mysql:mysql-connector-java '	compile	patch	'8.0.29 -> 8.0.33 '
org.glassfish.jaxb:jaxb-runtime (source)	compile	patch	2.3.6 -> 2.3.8
org.postgresql:postgresql (source)	compile	minor	42.5.1 -> 42.6.0
eclipse-temurin	stage	patch	17.0.6_10-jre-focal -> 17.0.7_7-jre-focal
com.microsoft.sqlserver:mssql-jdbc	compile	major	11.2.3.jre17 -> 12.2.0.jre11
'jekyll '		major	'3.8 -> 4.0 '
'org.eclipse.jetty:jetty-maven-plugin (source) '	build	major	'10.0.15 -> 11.0.15 '

Addressed Issue

Additional Details

Upgrades not compatible at this time:

• mysql:mysql-connector-java
• org.eclipse.jetty:jetty-maven-plugin

Postponed:

• jekyll per Consolidated dependency updates #2725 (comment)

Checklist

• I have read and understand the contributing guidelines
• This PR fixes a defect, and I have provided tests to verify that the fix is effective
• This PR implements an enhancement, and I have provided tests to verify that it works as intended
• This PR introduces changes to the database model, and I have added corresponding update logic
• This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

[melba-lopez]

@nscuro not sure why DCO is failing if i did signoff on all my commits. 😿 they all say Signed-off-by: Melba Lopez <Melba.Lopez@ibm.com>

[valentijnscholten]

I think the problem is the email address in the sign-off: https://github.com/DependencyTrack/dependency-track/pull/2832/checks?check_run_id=14392050786

[melba-lopez]

I think the problem is the email address in the sign-off: https://github.com/DependencyTrack/dependency-track/pull/2832/checks?check_run_id=14392050786

Unfortunately, if you look at the other commits (which are passing) they all say Signed-off-by: Melba Lopez Melba.Lopez@ibm.com

Passing:
- 62c3418
- 6bcc4ea
- 53d023c

Failing:
- a29f033
- 4c75ef5

Interestingly enough, only Reverting Jekyll shows a red x and that its not passing. So why do the logs show 2 but only 1 gets flagged? and why are they even getting flagged if every commit says the same thing for signoff. 😞

[msymons]

@nscuro not sure why DCO is failing if i did signoff on all my commits. 😿 they all say Signed-off-by: Melba Lopez <Melba.Lopez@ibm.com>

@melba-lopez, this might be a red herring (because some of your commits were fine) but just checking... Is this what is configured as your primary email account in GitHub? That is what DCO expects.

The first time I tried to use DCO I used my secondary email. The sig was otherwise 100% correctly formatted... and DCO failed. Most annoying.

[nscuro]

@melba-lopez Stupid question, but did you sign-off "manually" via commit message, or did you use the -s flag when committing? I don't know why, but I had it happen multiple times to me that the manual way was not accepted, despite it looking exactly like what -s would produce. Your commits look fine to me as well.

[valentijnscholten]

Maybe just rebase and/or squash and sign the new commit(s)?

[nscuro]

@valentijnscholten Maybe just rebase and/or squash and sign the new commit(s)?

Good call. Likely best way forward here :D

[melba-lopez]

it seems to be because the last 2 i signed off via the UI versus command line sigh DCO is passing now