Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

chore(deps): bump zeebe-bom from 1.2.6 to 1.2.8 #165

Merged
merged 1 commit into from
Dec 26, 2021
Merged

chore(deps): bump zeebe-bom from 1.2.6 to 1.2.8 #165

merged 1 commit into from
Dec 26, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 22, 2021

Bumps zeebe-bom from 1.2.6 to 1.2.8.

Release notes

Sourced from zeebe-bom's releases.

Zeebe 1.2.7

Release: 1.2.7

⚠️ This release contains a security patch which fixes the a new vector for the Log4Shell exploit present in log4j-core version < 2.16.0. We recommend you update your Zeebe production clusters as soon as possible to 1.1.8, 1.2.7, or greater. ⚠️

Bug fixes

  • [Snyk] Fix for 1 vulnerabilities - log4j 2.16.0 (#8395)

Merged Pull Requests

  • chore(elastic): update to elasticsearch 7.16.1 (#8378)
  • Release 1.2.6 (#8361)
Commits
  • c30f2df [maven-release-plugin] prepare release 1.2.8
  • 08891b3 build(project): update go embedded version data
  • 9e0278a merge: #8436 #8454
  • 2c042f8 fix(polling/state): prevent duplicates in repeatable requests list
  • 724d3df merge: #8448 #8450
  • 9ff4442 deps(docker): update elasticsearch version in docker-compose files
  • 3d08da3 style(gateway): minor code cleanup in long polling classes
  • ecb5367 fix(polling): respect request timeout settings
  • f3d80a8 deps(maven): bump version.elasticsearch from 7.16.1 to 7.16.2
  • 5e931ec merge: #8444
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump zeebe-bom from 1.2.6 to 1.2.8
c3872a8 
Bumps [zeebe-bom](https://github.com/zeebe-io/zeebe) from 1.2.6 to 1.2.8.
- [Release notes](https://github.com/zeebe-io/zeebe/releases)
- [Commits](camunda/camunda@1.2.6...1.2.8)

---
updated-dependencies:
- dependency-name: io.camunda:zeebe-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 22, 2021
@dependabot dependabot bot mentioned this pull request Dec 22, 2021
Closed
@saig0 saig0 merged commit 58ab41c into master Dec 26, 2021
@saig0 saig0 deleted the dependabot/maven/io.camunda-zeebe-bom-1.2.8 branch December 26, 2021 09:08
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@saig0