Update dependency io.dropwizard:dropwizard-core to v4 - autoclosed #417

mend-for-github-com · 2024-02-15T02:42:03Z

This PR contains the following updates:

Package	Type	Update	Change
io.dropwizard:dropwizard-core	compile	major	`1.3.13` -> `4.0.0`

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
High	7.0	CVE-2020-27216	#187

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
High	7.5	CVE-2023-6481	#410

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
Critical	9.8	CVE-2022-1471	#362
High	7.5	CVE-2017-18640	#85
High	7.5	CVE-2021-28165	#296
High	7.5	CVE-2022-25857	#348

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
High	7.5	CVE-2023-36478	#403

Release Notes

dropwizard/dropwizard (io.dropwizard:dropwizard-core)

`v4.0.0`

Compare Source

Dropwizard 4.0.0

It's finally here, the next major release of Dropwizard! This one has been developed and released in tandem with Dropwizard 3.0.0.

If you're wondering what the differences are: Not much!

3️⃣ Dropwizard 3.0.0 is still based on and is using dependencies for Java EE and the javax.* package namespace. The effort to migrate from Dropwizard 2.x to Dropwizard 3.0.0 should be minimal for many projects.

4️⃣ Dropwizard 4.0.0 is based on and is using dependencies for Jakarta EE and the jakarta.* package namespace. The effort to migrate from Dropwizard 2.x to Dropwizard 4.0.0 might be bigger due to more package changes and more breaking changes in our dependencies.

📣 In any case, let us know how the migration went and if you were missing anything important in the upgrade notes in our GitHub Discussions!

⚠️ Breaking changes

For a full list of relevant changes please refer to the Upgrade Notes for Dropwizard 4.0.x.

Java 11 baseline

Dropwizard 4.0.0 and later require Java 11 as a baseline. Later versions of Java are also working.

Dropwizard Package Structure and JPMS

In order to properly support the Java Platform Module System (JPMS), the Java packages in modules must not overlap, or put differently, the packages may not be split into multiple modules.

Dropwizard 4.0.0 won’t enable full support for the JPMS. Instead, as a transition step, automatic modules are introduced.

Affected packages:

Transition to Jakarta EE

Previously released Dropwizard versions used Java/Jakarta EE dependencies under the javax namespace. Dropwizard 4.0.x transitioned to Jakarta EE 9 components and therefore utilize the new jakarta namespace for many components.

This means that most of the imports of existing applications using Dropwizard 2.x or 3.x will have to be changed from the javax to the jakarta namespace. However, other components still use the javax namespace, so a simple search and replace could break other imports.

Jakarta EE 9 compatibility

As stated above, Dropwizard 4.0.x will transition to Jakarta EE 9 components. This means, Dropwizard will now try to be consistent with one specific EE version.

Therefore Dropwizard 4.0.x will stay on components of Jakarta EE 9 and the transition to components of Jakarta EE 10 will be postponed to an other release series.

Since the EE version bump will probably introduce breaking changes, the Jakarta EE 10 components will be most likely integrated in Dropwizard 5.0.x and not in a 4.1.x release.

Jetty 11

The main change introduced in Dropwizard 4.0.0 is the upgrade to Jetty 11.0.x. Jetty 11.0.x is built for Java 11, therefore the Java version change was necessary.

This change comes with some migration cost. For detailed information regarding the changes introduced in Jetty 11.0.x, refer to the Jetty migration guide.

Apache HttpClient 5

The version of Apache HttpClient used in dropwizard-client has been updated to version 5.x.

For more information refer to the Apache HttpClient 5.0 migration guide.

Hibernate 6

Hibernate 5.6 provides compatible implementations for JPA 2.2 and for Jakarta Persistence 3.0.

But Hibernate 6.0 and 6.1 still provide compatible implementations for Jakarta Persistence 3.0, so we upgraded to Hibernate 6.1 in Dropwizard 4.0.x.

If any other aspects from Hibernate are used in an application rather than those provided by Dropwizard, there might be an additional migration cost. Please follow the Hibernate 6 migration guide and the Hibernate 6.1 migration guide, if you encounter any problems.

Removed Support for JUnit 4.x

Support for testing with JUnit 4.x has been moved from dropwizard-testing to dropwizard-testing-junit4.

🥇 Special thanks

The release of Dropwizard 3.0.0 wouldn't have been possible without the help of the community (YOU!) and especially the following contributors:

@zUniQueX, @rhowe, @pstackle, @dennyac, and countless others!

What's Changed since Dropwizard 4.0.0-beta.4

Update dependency org.apache.tomcat:tomcat-jdbc to v10.1.6 by @renovate in https://github.com/dropwizard/dropwizard/pull/6743
Update github/codeql-action digest to 32dc499 by @renovate in https://github.com/dropwizard/dropwizard/pull/6742
Update dependency org.eclipse.jetty:jetty-bom to v11.0.14 by @renovate in https://github.com/dropwizard/dropwizard/pull/6755
Update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.11.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6756
Update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.11.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6757
Update scacap/action-surefire-report digest to a2d14ba by @renovate in https://github.com/dropwizard/dropwizard/pull/6754
Update dependency org.checkerframework:checker-qual to v3.32.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6766
Properly declare plugin versions in java-simple archetype by @joschi in https://github.com/dropwizard/dropwizard/pull/6769
Update dependency org.apache.tomcat:tomcat-jdbc to v10.1.7 by @renovate in https://github.com/dropwizard/dropwizard/pull/6771
Update dependency com.github.ben-manes.caffeine:caffeine to v3.1.5 by @renovate in https://github.com/dropwizard/dropwizard/pull/6773
Update dependency net.bytebuddy:byte-buddy to v1.14.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6778
Update dependency com.uber.nullaway:nullaway to v0.10.10 by @renovate in https://github.com/dropwizard/dropwizard/pull/6782
Update actions/cache action to v3.3.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6792
Update mockito monorepo to v5.2.0 (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/6793
Update github/codeql-action digest to 16964e9 by @renovate in https://github.com/dropwizard/dropwizard/pull/6804
Update actions/cache action to v3.3.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6805
Update scacap/action-surefire-report digest to 4845216 by @renovate in https://github.com/dropwizard/dropwizard/pull/6817
Update dependency maven to v3.8.8 by @renovate in https://github.com/dropwizard/dropwizard/pull/6818
Update dependency net.bytebuddy:byte-buddy to v1.14.2 by @renovate in https://github.com/dropwizard/dropwizard/pull/6819
Update dependency maven-wrapper to v3.2.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6820
Update dependency org.apache.maven.plugins:maven-surefire-plugin to v3 by @renovate in https://github.com/dropwizard/dropwizard/pull/6821
Update dependency org.apache.maven.plugins:maven-surefire-plugin to v3 by @renovate in https://github.com/dropwizard/dropwizard/pull/6822
Update logback.version to v1.4.6 (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/6836
Update actions/checkout digest to 24cb908 by @renovate in https://github.com/dropwizard/dropwizard/pull/6834
Update github/codeql-action digest to 168b99b by @renovate in https://github.com/dropwizard/dropwizard/pull/6835
Update actions/checkout action to v3.4.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6837
Update slf4j.version to v2.0.7 (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/6839
Update dependency io.dropwizard.metrics:metrics-bom to v4.2.18 by @renovate in https://github.com/dropwizard/dropwizard/pull/6847
Update dependency maven to v3.9.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6848
Update dependency org.apache.maven.plugins:maven-help-plugin to v3.4.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6849
Update dependency com.mattbertolini:liquibase-slf4j to v5 by @renovate in https://github.com/dropwizard/dropwizard/pull/6854
Update dependency org.apache.maven.plugins:maven-release-plugin to v3 by @renovate in https://github.com/dropwizard/dropwizard/pull/6855
Update github/codeql-action digest to 67a35a0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6859
Update actions/stale action to v8 by @renovate in https://github.com/dropwizard/dropwizard/pull/6864
Use Mockito BOM in dropwizard-dependencies by @joschi in https://github.com/dropwizard/dropwizard/pull/6867
Update actions/checkout digest to 8f4b7f8 by @renovate in https://github.com/dropwizard/dropwizard/pull/6894
Update dependency org.apache.maven.plugins:maven-deploy-plugin to v3.1.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6895
Update dependency org.apache.maven.plugins:maven-deploy-plugin to v3.1.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6896
Update dependency org.apache.maven.plugins:maven-install-plugin to v3.1.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6897
Update dependency org.apache.maven.plugins:maven-install-plugin to v3.1.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6898
Update dependency org.apache.maven.plugins:maven-resources-plugin to v3.3.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6899
Update dependency org.apache.maven.plugins:maven-resources-plugin to v3.3.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6900
Update dependency org.apache.maven.shared:maven-filtering to v3.3.1 by @renovate in https://github.com/dropwizard/dropwizard/pull/6901
Update actions/checkout action to v3.5.0 by @renovate in https://github.com/dropwizard/dropwizard/pull/6902
Set application state healthy if there are no unhealthy critical checks by @joschi in https://github.com/dropwizard/dropwizard/pull/6908
Update actions/setup-java digest to 5ffc13f by @renovate in https://github.com/dropwizard/dropwizard/pull/6914
Update github/codeql-action digest to 04df126 by @renovate in https://github.com/dropwizard/dropwizard/pull/6915
Update dependency net.bytebuddy:byte-buddy to v1.14.3 by @renovate in https://github.com/dropwizard/dropwizard/pull/6919

Full Changelog: dropwizard/dropwizard@v4.0.0-beta.4...v4.0.0

`v3.0.6`

Compare Source

What's Changed

fix(deps): update dependency net.bytebuddy:byte-buddy to v1.14.11 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8100
chore(deps): update github/codeql-action digest to 012739e (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8109
chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.12.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8115
chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.12.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8116
fix(deps): update dependency com.fasterxml.jackson:jackson-bom to v2.16.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8117
fix(deps): update dependency org.javassist:javassist to v3.30.2-ga (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8118
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.19 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8134
chore(deps): update error_prone.version to v2.24.0 (release/3.0.x) (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/8119
fix(deps): update slf4j.version to v2.0.10 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/8140
fix(deps): update dependency org.assertj:assertj-core to v3.25.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8146
fix(deps): update dependency org.assertj:assertj-core to v3.25.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8155
fix(deps): update dependency com.fasterxml:classmate to v1.7.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8156
fix(deps): update dependency org.jdbi:jdbi3-bom to v3.43.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8157
chore(deps): update error_prone.version to v2.24.1 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/8159
chore(deps): update dependency jp.skypencil.errorprone.slf4j:errorprone-slf4j to v0.1.22 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8165
chore(deps): update github/codeql-action digest to e5f05b8 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8181
fix(deps): update slf4j.version to v2.0.11 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/8184
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.5 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8191
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.5 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8192
fix(deps): update dependency org.apache.tomcat:tomcat-jdbc to v10.1.18 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8193
chore(deps): update actions/cache action to v3.3.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8199
chore(deps): update actions/upload-artifact digest to 1eb3cb2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8206
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.20 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8210
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.21 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8215
fix(deps): update mockito monorepo to v5.9.0 (release/3.0.x) (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/8216
chore(deps): update scacap/action-surefire-report digest to 687f107 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8226
chore(deps): update dependency org.cyclonedx:cyclonedx-maven-plugin to v2.7.11 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8231
chore(deps): update dependency com.mysql:mysql-connector-j to v8.3.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8232
chore(deps): update actions/upload-artifact digest to 694cdab (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8241
chore(deps): update github/codeql-action digest to 0b21cf2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8242
chore(deps): update actions/cache action to v4 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8243
fix(deps): update dependency io.dropwizard.metrics:metrics-bom to v4.2.24 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8254
chore(deps): update actions/upload-artifact digest to 26f96df (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8263
fix(deps): update dependency org.assertj:assertj-core to v3.25.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8267
fix(deps): update dependency org.apache.httpcomponents.client5:httpclient5 to v5.3.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8268
fix(deps): update mockito monorepo to v5.10.0 (release/3.0.x) (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/8273
fix(deps): update dependency io.dropwizard.metrics:metrics-bom to v4.2.25 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8280
fix(deps): update dependency org.testcontainers:testcontainers-bom to v1.19.4 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8283
Unix domain socket connector by @joschi in https://github.com/dropwizard/dropwizard/pull/8288
chore(deps): update github/codeql-action digest to b7bf0a3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8291
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.22 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8295

Full Changelog: dropwizard/dropwizard@v3.0.5...v3.0.6

`v3.0.5`

Compare Source

What's Changed

chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.6.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7863
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7864
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7866
chore(deps): update frenck/action-yamllint action to v1.4.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7873
fix(deps): update dependency org.apache.tomcat:tomcat-jdbc to v10.1.16 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7888
fix(deps): update dependency org.bouncycastle:bcprov-jdk18on to v1.77 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7890
chore(deps): update github/codeql-action digest to 689fdc5 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7887
fix(deps): update dependency org.testcontainers:testcontainers-bom to v1.19.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7889
fix(deps): update dependency com.fasterxml.jackson:jackson-bom to v2.16.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7899
chore(deps): update dependency org.codehaus.mojo:exec-maven-plugin to v3.1.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7905
chore(deps): update github/codeql-action digest to 66b90a5 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7904
fix(deps): update dependency net.bytebuddy:byte-buddy to v1.14.10 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7914
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.17 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7913
fix(deps): update dependency org.testcontainers:testcontainers-bom to v1.19.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7921
fix(deps): update dependency org.apache.commons:commons-lang3 to v3.14.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7923
chore(deps): update dependency org.apache.maven.plugins:maven-project-info-reports-plugin to v3.5.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7922
chore(deps): update github/codeql-action digest to 407ffaf (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7929
fix(deps): update logback.version to v1.3.12 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/7943
fix(deps): update logback.version to v1.3.13 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/7947
chore(deps): update dependency sphinx-rtd-theme to v2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7948
fix(deps): update dependency org.apache.httpcomponents.core5:httpcore5 to v5.2.4 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7950
chore(deps): update actions/setup-java action to v4 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7956
fix(deps): update dependency org.apache.httpcomponents.client5:httpclient5 to v5.2.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7930
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.18 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7971
chore(deps): update dependency maven to v3.9.6 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7972
chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.6.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7973
fix(deps): update logback.version to v1.3.14 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/7977
fix(deps): update dependency org.checkerframework:checker-qual to v3.41.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7978
fix(deps): update mockito monorepo to v5.8.0 (release/3.0.x) (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/7980
fix(deps): update dependency org.jdbi:jdbi3-bom to v3.42.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7974
Logback request log: combine headers by @zUniQueX in https://github.com/dropwizard/dropwizard/pull/7965
fix(deps): update dependency io.dropwizard.metrics:metrics-bom to v4.2.23 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7993
chore(deps): update actions/stale action to v9 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8001
chore(deps): update github/codeql-action digest to c0d1daa (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8000
chore(deps): update dependency jp.skypencil.errorprone.slf4j:errorprone-slf4j to v0.1.21 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8006
fix(deps): update dependency net.java.dev.jna:jna to v5.14.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8011
chore(deps): update github/codeql-action digest to 305f654 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8018
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8022
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8023
fix(deps): update dependency org.apache.tomcat:tomcat-jdbc to v10.1.17 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8019
chore(deps): update github/codeql-action digest to 03e7845 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8031
chore(deps): update github/codeql-action action to v3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8032
chore(deps): update actions/upload-artifact action to v4 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8036
fix(deps): update dependency org.checkerframework:checker-qual to v3.42.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8055
fix(deps): update dependency org.javassist:javassist to v3.30.1-ga (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8068
chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.12.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8076
chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.12.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8077
fix(deps): update dependency org.liquibase:liquibase-core to v4.25.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8078
fix(deps): update dependency com.google.guava:guava to v33 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8079
fix(deps): update dependency org.eclipse.jetty:jetty-bom to v10.0.19 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/8090

Full Changelog: dropwizard/dropwizard@v3.0.4...v3.0.5

`v3.0.4`

Compare Source

What's Changed

Add workflow to announce releases manually by @joschi in https://github.com/dropwizard/dropwizard/pull/7774
chore(deps): update github/codeql-action digest to 49abf0b (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7778
fix(deps): update dependency org.glassfish.jersey:jersey-bom to v2.41 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7779
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7785
chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.2.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7786
chore(deps): update dependency org.apache.maven.plugins:maven-clean-plugin to v3.3.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7801
chore(deps): update dependency org.apache.maven.plugins:maven-clean-plugin to v3.3.2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7802
fix(deps): update dependency org.apache.commons:commons-text to v1.11.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7809
chore(deps): update github/codeql-action digest to 74483a3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7800
chore(deps): update dependency org.cyclonedx:cyclonedx-maven-plugin to v2.7.10 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7811
fix(deps): update dependency org.eclipse.jetty:jetty-bom to v10.0.18 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7812
chore(deps): update dependency com.mysql:mysql-connector-j to v8.2.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7803
chore(deps): update dependency octokit to v8 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7819
chore(deps): update dependency com.uber.nullaway:nullaway to v0.10.16 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7827
fix(deps): update dependency org.checkerframework:checker-qual to v3.40.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7828
fix(deps): update mockito monorepo to v5.7.0 (release/3.0.x) (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/7832
Set LoggerContext in LoggingEvent by @joschi in https://github.com/dropwizard/dropwizard/pull/7837
Announce new releases on Bluesky by @joschi in https://github.com/dropwizard/dropwizard/pull/7840
fix(deps): update dependency io.dropwizard.metrics:metrics-bom to v4.2.22 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7844
chore(deps): update junit5 monorepo to v5.10.1 (release/3.0.x) (patch) by @renovate in https://github.com/dropwizard/dropwizard/pull/7848
fix(deps): update dependency io.dropwizard.logback:logback-throttling-appender to v1.3.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7849

Full Changelog: dropwizard/dropwizard@v3.0.3...v3.0.4

`v3.0.3`

Compare Source

What's Changed

Update dependency org.apache.maven.plugins:maven-shade-plugin to v3.5.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7570
Fix NullPointerException in DropwizardApacheConnector by @joschi in https://github.com/dropwizard/dropwizard/pull/7575
Move Dropwizard Archetypes into their own repository by @joschi in https://github.com/dropwizard/dropwizard/pull/7572
Update dependency com.mysql:mysql-connector-j to v8.1.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7579
Update dependency io.dropwizard.metrics:metrics-bom to v4.2.20 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7584
Update github/codeql-action digest to ddccb87 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7591
Update dependency org.jdbi:jdbi3-bom to v3.41.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7601
Update dependency org.testcontainers:testcontainers-bom to v1.19.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7602
Update dependency org.checkerframework:checker-qual to v3.39.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7603
Update dependency maven to v3.9.5 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7610
Don't run scacap/action-surefire-report in forks by @joschi in https://github.com/dropwizard/dropwizard/pull/7618
fix(deps): update mockito monorepo to v5.6.0 (release/3.0.x) (minor) by @renovate in https://github.com/dropwizard/dropwizard/pull/7620
chore(deps): update github/codeql-action digest to 2cb752a (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7616
Update dependency org.jacoco:jacoco-maven-plugin to v0.8.10 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/6956
fix(deps): update dependency com.github.spullara.mustache.java:compiler to v0.9.11 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7633
fix(deps): update dependency net.bytebuddy:byte-buddy to v1.14.9 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7634
fix(deps): update dependency org.eclipse.jetty:jetty-bom to v10.0.17 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7636
Clean test db by @zUniQueX in https://github.com/dropwizard/dropwizard/pull/7637
Fix the broken link to Apache HttpClient 5.X migration guide by @raymondchen625 in https://github.com/dropwizard/dropwizard/pull/7613
chore(deps): update github/codeql-action digest to fdcae64 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7632
fix(deps): update dependency com.fasterxml:classmate to v1.6.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7645
Ensure lexicographical order in messages from HealthCheckConfigValidator by @joschi in https://github.com/dropwizard/dropwizard/pull/7653
chore(deps): update github/codeql-action digest to d90b8d7 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7656
fix(deps): update dependency com.google.guava:guava to v32.1.3-jre (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7657
fix(deps): update dependency org.liquibase:liquibase-core to v4.24.0 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7606
fix(deps): update dependency com.fasterxml.jackson:jackson-bom to v2.15.3 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7661
fix(deps): update dependency io.dropwizard.metrics:metrics-bom to v4.2.21 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7679
chore(deps): update github/codeql-action digest to 0116bc2 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7678
Add Codespaces/devcontainer support by @zUniQueX in https://github.com/dropwizard/dropwizard/pull/7688
Expose uri compliance by @zUniQueX in https://github.com/dropwizard/dropwizard/pull/7691
Request log remote user by @zUniQueX in https://github.com/dropwizard/dropwizard/pull/7693
chore(deps): update dependency org.jacoco:jacoco-maven-plugin to v0.8.11 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7710
chore(deps): update dependency org.jacoco:jacoco-maven-plugin to v0.8.11 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7709
fix(deps): update dependency org.apache.tomcat:tomcat-jdbc to v10.1.15 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7711
chore(deps): update actions/checkout action to v4.1.1 (release/3.0.x) by @renovate in https://github.com/dropwizard/dropwizard/pull/7738
chore(deps): update cimg/openjdk docker tag to v21 (release/3.0.x) by @renovate in [https:

mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Feb 15, 2024

Update dependency io.dropwizard:dropwizard-core to v4

970b5d2

mend-for-github-com bot force-pushed the whitesource-remediate/io.dropwizard-dropwizard-core-4.x branch from 5f35442 to 970b5d2 Compare February 20, 2024 02:39

mend-for-github-com bot changed the title ~~Update dependency io.dropwizard:dropwizard-core to v4~~ Update dependency io.dropwizard:dropwizard-core to v4 - autoclosed Feb 29, 2024

mend-for-github-com bot closed this Feb 29, 2024

mend-for-github-com bot deleted the whitesource-remediate/io.dropwizard-dropwizard-core-4.x branch February 29, 2024 06:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency io.dropwizard:dropwizard-core to v4 - autoclosed #417

Update dependency io.dropwizard:dropwizard-core to v4 - autoclosed #417

mend-for-github-com bot commented Feb 15, 2024 •

edited

Loading

Update dependency io.dropwizard:dropwizard-core to v4 - autoclosed #417

Update dependency io.dropwizard:dropwizard-core to v4 - autoclosed #417

Conversation

mend-for-github-com bot commented Feb 15, 2024 • edited Loading

Release Notes

v4.0.0

Dropwizard 4.0.0

⚠️ Breaking changes

Java 11 baseline

Dropwizard Package Structure and JPMS

Transition to Jakarta EE

Jakarta EE 9 compatibility

Jetty 11

Apache HttpClient 5

Hibernate 6

Removed Support for JUnit 4.x

🥇 Special thanks

What's Changed since Dropwizard 4.0.0-beta.4

v3.0.6

What's Changed

v3.0.5

What's Changed

v3.0.4

What's Changed

v3.0.3

What's Changed

mend-for-github-com bot commented Feb 15, 2024 •

edited

Loading

`v4.0.0`

`v3.0.6`

`v3.0.5`

`v3.0.4`

`v3.0.3`