Compare commits

16 commits

Author SHA1 Message Date
Niklas
e5d2b14af6
Merge pull request #5398 from DependencyTrack/dependabot/maven/com.puppycrawl.tools-checkstyle-12.0.1 2025-10-13 12:18:26 +02:00
dependabot[bot]
78df510963
build(deps): bump com.puppycrawl.tools:checkstyle from 11.1.0 to 12.0.1
Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 11.1.0 to 12.0.1.
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-11.1.0...checkstyle-12.0.1)

---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-version: 12.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-13 08:47:06 +00:00
Niklas
880caffa0c
Merge pull request #5396 from DependencyTrack/dependabot/maven/net.javacrumbs.json-unit-json-unit-assertj-5.0.0 2025-10-13 10:36:14 +02:00
Niklas
09ffb65d70
Merge pull request #5399 from DependencyTrack/dependabot/github_actions/actions/dependency-review-action-4.8.1 2025-10-13 10:31:09 +02:00
Niklas
efd19c6492
Merge pull request #5397 from DependencyTrack/dependabot/github_actions/github/codeql-action-4.30.8 2025-10-13 10:30:51 +02:00
dependabot[bot]
e0c2fe7a08
build(deps): bump actions/dependency-review-action from 4.8.0 to 4.8.1
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](56339e523c...40c09b7dc9)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 4.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-13 08:18:41 +00:00
dependabot[bot]
e138589976
build(deps): bump github/codeql-action from 3.30.6 to 4.30.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.6 to 4.30.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](64d10c1313...f443b600d9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.8
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-13 08:18:12 +00:00
dependabot[bot]
25e9e83a34
build(deps-dev): bump net.javacrumbs.json-unit:json-unit-assertj
Bumps [net.javacrumbs.json-unit:json-unit-assertj](https://github.com/lukas-krecan/JsonUnit) from 4.1.1 to 5.0.0.
- [Changelog](https://github.com/lukas-krecan/JsonUnit/blob/master/RELEASES.md)
- [Commits](https://github.com/lukas-krecan/JsonUnit/compare/json-unit-parent-4.1.1...json-unit-parent-5.0.0)

---
updated-dependencies:
- dependency-name: net.javacrumbs.json-unit:json-unit-assertj
  dependency-version: 5.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-13 08:16:50 +00:00
Niklas
d36f5b045a
Merge pull request #5386 from DependencyTrack/dependabot/maven/com.icegreen-greenmail-junit5-2.1.7 2025-10-13 10:15:05 +02:00
Niklas
45b0799f1e
Merge pull request #5388 from DependencyTrack/dependabot/maven/org.eclipse.jetty.ee10-jetty-ee10-maven-plugin-12.1.2 2025-10-13 10:14:46 +02:00
Niklas
f9740a2f05
Merge pull request #5389 from DependencyTrack/dependabot/docker/src/main/docker/alpine-4b7ce07 2025-10-13 10:14:14 +02:00
Niklas
50fdb1871c
Merge pull request #5394 from DependencyTrack/dependabot/maven/com.puppycrawl.tools-checkstyle-12.0.0 2025-10-13 10:13:58 +02:00
dependabot[bot]
f77a8363a5
build(deps): bump com.puppycrawl.tools:checkstyle from 11.1.0 to 12.0.0
Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 11.1.0 to 12.0.0.
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-11.1.0...checkstyle-12.0.0)

---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-version: 12.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-10 08:02:13 +00:00
dependabot[bot]
1db4a4c671
build(deps): bump alpine from 4bcff63 to 4b7ce07 in /src/main/docker
Bumps alpine from `4bcff63` to `4b7ce07`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: '3.22'
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-09 08:03:35 +00:00
dependabot[bot]
2e8ed53949
build(deps): bump org.eclipse.jetty.ee10:jetty-ee10-maven-plugin
Bumps org.eclipse.jetty.ee10:jetty-ee10-maven-plugin from 12.1.1 to 12.1.2.

---
updated-dependencies:
- dependency-name: org.eclipse.jetty.ee10:jetty-ee10-maven-plugin
  dependency-version: 12.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-09 08:01:58 +00:00
dependabot[bot]
5e369a4e97
build(deps-dev): bump com.icegreen:greenmail-junit5 from 2.1.6 to 2.1.7
Bumps [com.icegreen:greenmail-junit5](https://github.com/greenmail-mail-test/greenmail) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/greenmail-mail-test/greenmail/releases)
- [Commits](https://github.com/greenmail-mail-test/greenmail/compare/release-2.1.6...release-2.1.7)

---
updated-dependencies:
- dependency-name: com.icegreen:greenmail-junit5
  dependency-version: 2.1.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-08 08:01:48 +00:00
4 changed files with 7 additions and 7 deletions

@ -166,6 +166,6 @@ jobs:
- name: Upload Trivy Scan Results to GitHub Security Tab
if: ${{ inputs.publish-container }}
uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # tag=v3.29.5
uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # tag=v3.29.5
with:
sarif_file: 'trivy-results.sarif'
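Review bot: the trailing comment on the new `uses: github/codeql-action/upload-sarif@f443b600d9...` line still reads `# tag=v3.29.5`, carried over unchanged from the old pin, so it no longer documents what the SHA points at. The commit message for this bump says 3.30.6 to 4.30.8, a major-version change; confirm the SHA resolves to that release, update the comment to match (for example `# tag=v4.30.8`), and check that the `sarif_file` input used here is still accepted by the v4 action.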

@ -12,4 +12,4 @@ jobs:
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # tag=v5.0.0
- name: Dependency Review
uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # tag=v4.8.0
uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # tag=v4.8.1

@ -89,7 +89,7 @@
<lib.alpine.version>${project.parent.version}</lib.alpine.version>
<lib.awaitility.version>4.3.0</lib.awaitility.version>
<lib.brotli-decoder.version>0.1.2</lib.brotli-decoder.version>
<lib.checkstyle.version>11.1.0</lib.checkstyle.version>
<lib.checkstyle.version>12.0.1</lib.checkstyle.version>
<lib.cloud-sql-connector-jdbc-sqlserver.version>1.25.3</lib.cloud-sql-connector-jdbc-sqlserver.version>
<lib.cloud-sql-mysql-socket-factory-connector-j-8.version>1.25.3</lib.cloud-sql-mysql-socket-factory-connector-j-8.version>
<lib.cloud-sql-postgres-socket-factory.version>1.25.3</lib.cloud-sql-postgres-socket-factory.version>
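Review bot: `lib.checkstyle.version` moves across a major version (11.1.0 to 12.0.1) with no accompanying change to any Checkstyle configuration in this diff. Before merging, confirm that the Checkstyle step in the build still loads the project's rule file and passes, since removed or renamed checks in a major release surface as configuration errors rather than as style violations.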
@ -100,9 +100,9 @@
<lib.owasp-rr-calculator.version>1.0.1</lib.owasp-rr-calculator.version>
<lib.cyclonedx-java.version>11.0.0</lib.cyclonedx-java.version>
<lib.jakarta-validation.version>3.1.1</lib.jakarta-validation.version>
<lib.greenmail.version>2.1.6</lib.greenmail.version>
<lib.greenmail.version>2.1.7</lib.greenmail.version>
<lib.json-java.version>20250517</lib.json-java.version>
<lib.json-unit.version>4.1.1</lib.json-unit.version>
<lib.json-unit.version>5.0.0</lib.json-unit.version>
<lib.junit.version>5.11.4</lib.junit.version>
<lib.lucene.version>8.11.4</lib.lucene.version>
<lib.maven-artifact.version>3.9.11</lib.maven-artifact.version>
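Review bot: `lib.json-unit.version` jumps a major version (4.1.1 to 5.0.0) in the same hunk as the patch-level `lib.greenmail.version` bump, and nothing else in the diff adapts test code. Both are marked `direct:development` in their commit messages, so the risk is confined to tests, but the JsonUnit release notes should be checked for changed assertion behaviour and the full test suite run before relying on green results from the patch-level bumps alone.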
@ -129,7 +129,7 @@
<lib.jdbc-driver.postgresql.version>42.7.8</lib.jdbc-driver.postgresql.version>
<!-- Maven Plugin Properties -->
<plugin.retirejs.breakOnFailure>false</plugin.retirejs.breakOnFailure>
<plugin.jetty.version>12.1.1</plugin.jetty.version>
<plugin.jetty.version>12.1.2</plugin.jetty.version>
<plugin.protoc-jar.version>3.11.4</plugin.protoc-jar.version>
<!-- SonarCloud properties -->
<sonar.exclusions>src/main/webapp/**</sonar.exclusions>

@ -36,7 +36,7 @@ COPY ./target/${WAR_FILENAME} ./
RUN ./create-jre.sh -i "./${WAR_FILENAME}" -o ./jre
FROM alpine:3.22@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
FROM alpine:3.22@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412
ARG COMMIT_SHA
ARG APP_VERSION
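Review bot: the `FROM alpine:3.22@sha256:...` line changes only the digest while the tag stays `3.22`, so the diff gives no human-readable indication of what the new base image contains. Verify that `sha256:4b7ce070...` is the digest currently published for `alpine:3.22` by the official image, and consider recording the corresponding Alpine patch release in a comment next to the pin so later reviewers can audit digest changes.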