Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Try to catch CLT branch up to main #87

Open
wants to merge 54 commits into
base: feature/command-line-tests
Choose a base branch
from
Open

Try to catch CLT branch up to main #87

wants to merge 54 commits into from

Commits on Jan 17, 2024

  1. #217 - reader for SCNR reports (xml/json) (#61)

    @darkspirit510
    darkspirit510 authored Jan 17, 2024
    Configuration menu
    Copy the full SHA
    119b3cb View commit details
    Browse the repository at this point in the history

Commits on Feb 22, 2024

  1. Upgrade a few plugins/dependencies.

    @davewichers
    davewichers committed Feb 22, 2024
    Configuration menu
    Copy the full SHA
    faf3915 View commit details
    Browse the repository at this point in the history

Commits on Mar 25, 2024

  1. Extract overall stats table (#62) 

    * Extract overall stats table to seperate class

* cleanup; disclaimer blocks

* tests for OverallStatsTable

* disclaimers

* test cleanup
    @darkspirit510
    darkspirit510 authored Mar 25, 2024
    Configuration menu
    Copy the full SHA
    3a7ea1a View commit details
    Browse the repository at this point in the history

Commits on Mar 26, 2024

  1. Add some missing CWE mappings for issues we don't care about to Snyk … 

    …and Zap readers.
    @davewichers
    davewichers committed Mar 26, 2024
    Configuration menu
    Copy the full SHA
    9db9726 View commit details
    Browse the repository at this point in the history

  2. Minor tweak to CodeQL parser for scanning NodeJS.

    @davewichers
    davewichers committed Mar 26, 2024
    Configuration menu
    Copy the full SHA
    0f96321 View commit details
    Browse the repository at this point in the history

Commits on Apr 8, 2024

  1. Upgrade poms to now require Java 11 and upgrade dependencies. Formatting 

    tweak to SonarQubeReader.java.
    @davewichers
    davewichers committed Apr 8, 2024
    Configuration menu
    Copy the full SHA
    993f232 View commit details
    Browse the repository at this point in the history

  2. Upgrade CI to use Java 11.

    @davewichers
    davewichers committed Apr 8, 2024
    Configuration menu
    Copy the full SHA
    c431ab0 View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2024

  1. Fix bug on individual vulnerability scorecards where it was reporting 

    the overall stats for each tool next to the scatterchart, rather than
the tool's stats for that specific vulnerability category.
    @davewichers
    davewichers committed Apr 11, 2024
    Configuration menu
    Copy the full SHA
    bc1690b View commit details
    Browse the repository at this point in the history

Commits on Apr 15, 2024

  1. #65 - Reader for Snyk and Semgrep SARIF files (#67) 

    * #65 - Reader for Snyk and Semgrep SARIF files

* #65 - Fix test typo
    @darkspirit510
    darkspirit510 authored Apr 15, 2024
    Configuration menu
    Copy the full SHA
    cbdb828 View commit details
    Browse the repository at this point in the history

Commits on Apr 16, 2024

  1. Add Datadog SAST support (#63) 

    * add Datadog SAST support

* add comments

* update

* update

@darkspirit510 says its good so merging.
    @juli1
    juli1 authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    4f80e9a View commit details
    Browse the repository at this point in the history

Commits on Apr 17, 2024

  1. Remove HDIV support as this tool was acquired by Datadog and we now 

    support Datadog directly.
    @davewichers
    davewichers committed Apr 17, 2024
    Configuration menu
    Copy the full SHA
    70bfd9c View commit details
    Browse the repository at this point in the history

  2. Add reader and tests for SAST Precaution (#69) 

    This change adds Precaution to the list of supported SASTs.
Precaution can render its output as SARIF so it extends the SarifReader.

Included are a test case and example SARIF output file as a result of
scanning BenchmarkTest00073.java in BenchmarkJava.

https://github.com/securesauce/precli

Signed-off-by: Eric Brown <[email protected]>

@darkspirit510 - I reran the GitHub action and it worked this time. Weird. Given your OK, I'm merging.
    @ericwb
    ericwb authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    af5ffc1 View commit details
    Browse the repository at this point in the history

Commits on May 3, 2024

  1. Checkmarx results parser - Normalize paths (#71) 

    * feat: Normalize FileName path to linux

* style: Fix formatting
    @cx-rafaelc
    cx-rafaelc authored May 3, 2024
    Configuration menu
    Copy the full SHA
    7cfea6d View commit details
    Browse the repository at this point in the history

Commits on May 4, 2024

  1. Migrate all SARIF readers to extend from SarifReader (#70) 

    * #68 - move most SARIF reader code to parent class

* #68 - handle multiple runs and rule extensions; migrade codeql reader

* #68 - use regex for CWE filtering; migrate Datadog SAST reader

* #68 - migrate Contrast reader

* #68 - remove deprecated reader

* #68 - extract start and end time from invocation (if present)

* #68 - linting

* #68 - take first CWE number from tags

* #68 - move sarif readers to separate package

* #68 - extract version if semanticVersion is not present
    @darkspirit510
    darkspirit510 authored May 4, 2024
    Configuration menu
    Copy the full SHA
    6808369 View commit details
    Browse the repository at this point in the history

Commits on May 14, 2024

  1. Extract vulnerability stats table to own class (#73) 

    * extract vulnerability stats table to own class

* move tools to constructor
    @darkspirit510
    darkspirit510 authored May 14, 2024
    Configuration menu
    Copy the full SHA
    ae074a9 View commit details
    Browse the repository at this point in the history

Commits on May 28, 2024

  1. extract expected results file parsing to provider class (#75)

    @darkspirit510
    darkspirit510 authored May 28, 2024
    Configuration menu
    Copy the full SHA
    2ec0664 View commit details
    Browse the repository at this point in the history

Commits on Jun 5, 2024

  1. Move tool scorecard generation to separate class (#76) 

    * Move tool scorecard generation to separate class

* cleanup
    @darkspirit510
    darkspirit510 authored Jun 5, 2024
    Configuration menu
    Copy the full SHA
    282c1d3 View commit details
    Browse the repository at this point in the history

  2. #72 - handle more wapiti categories (#74) 

    Hey, sorry about that. Thanks for the nudge.
    @darkspirit510
    darkspirit510 authored Jun 5, 2024
    Configuration menu
    Copy the full SHA
    6be334c View commit details
    Browse the repository at this point in the history

Commits on Jun 9, 2024

  1. extract commercial averages table to separate class (#78)

    @darkspirit510
    darkspirit510 authored Jun 9, 2024
    Configuration menu
    Copy the full SHA
    22be943 View commit details
    Browse the repository at this point in the history

Commits on Jun 10, 2024

  1. Wrapper for test suite name (#79) 

    * wrapper for test suite name (to get rid of a static method in BenchmarkScore)

* disclaimers
    @darkspirit510
    darkspirit510 authored Jun 10, 2024
    Configuration menu
    Copy the full SHA
    a778420 View commit details
    Browse the repository at this point in the history

Commits on Jun 12, 2024

  1. extract menu updating to seperate class (#80)

    @darkspirit510
    darkspirit510 authored Jun 12, 2024
    Configuration menu
    Copy the full SHA
    2e2fd1f View commit details
    Browse the repository at this point in the history

  2. Extract result file creation (#81) 

    * Move tool scorecard generation to separate class

* extract result file creation to separate class

* fix tests
    @darkspirit510
    darkspirit510 authored Jun 12, 2024
    Configuration menu
    Copy the full SHA
    0d2973d View commit details
    Browse the repository at this point in the history

Commits on Jun 16, 2024

  1. make report html tags configurable (#82)

    @darkspirit510
    darkspirit510 authored Jun 16, 2024
    Configuration menu
    Copy the full SHA
    0862b3b View commit details
    Browse the repository at this point in the history

Commits on Jul 31, 2024

  1. Fix MenuUpdaterTest to not break on Windows. Move Categories static i… 

    …nitializer into that class.

Tweak expected results parser to allow for white space between entries in CSV file.
    @davewichers
    davewichers committed Jul 31, 2024
    Configuration menu
    Copy the full SHA
    4c17896 View commit details
    Browse the repository at this point in the history

Commits on Aug 7, 2024

  1. Relax the SarifReader tool name matching logic to use startswith inst… 

    …ead of equals so versions of the same tool will match. For example, Semgrep OSS and Semgrep PRO use the same file format but their names are slightly different. So now the SemgrepSarifReader class names the tool simply 'Semgrep' and SarifReader uses startswith() so both versions of the same tool match with one reader. And added a test case to test this.
    @davewichers
    davewichers committed Aug 7, 2024
    Configuration menu
    Copy the full SHA
    072a679 View commit details
    Browse the repository at this point in the history

Commits on Aug 11, 2024

  1. Fixed SemGrep Sarif Reader to use CWE mapping method from the origina… 

    …l Semgrep Reader. Using this mapping fixes a number of missed CWE categories in the weak crypto area. Also added mappings or at least acknowledgements to a bunch of other CWEs not in the CWE mapping method.
    @davewichers
    davewichers committed Aug 11, 2024
    Configuration menu
    Copy the full SHA
    57fd952 View commit details
    Browse the repository at this point in the history

Commits on Aug 15, 2024

  1. Snyk reports on child CWEs for PathTraversal and password hashing (#90) 

    * Snyk reports on child CWEs for PathTraversal and password hashing

* Move CWE mapping logic into SnykReader itself & add tests

Looks good to me. Thanks for fixing.
    @sebsnyk
    sebsnyk authored Aug 15, 2024
    Configuration menu
    Copy the full SHA
    64f72b2 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2024

  1. refactor AppScanReader to use provided CWE (#93)

    @darkspirit510
    darkspirit510 authored Aug 26, 2024
    Configuration menu
    Copy the full SHA
    381ef89 View commit details
    Browse the repository at this point in the history

Commits on Aug 27, 2024

  1. Create dependabot.yml

    @davewichers
    davewichers authored Aug 27, 2024
    Configuration menu
    Copy the full SHA
    e5badb7 View commit details
    Browse the repository at this point in the history

  2. Reader for WhiteHat Dynamic (#94)

    @darkspirit510
    darkspirit510 authored Aug 27, 2024
    Configuration menu
    Copy the full SHA
    af4abc4 View commit details
    Browse the repository at this point in the history

Commits on Aug 28, 2024

  1. fix merge error (#106)

    @darkspirit510
    darkspirit510 authored Aug 28, 2024
    Configuration menu
    Copy the full SHA
    8547039 View commit details
    Browse the repository at this point in the history

  2. Upgrade a bunch of plugins and some libraries.

    @davewichers
    davewichers committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    b6da950 View commit details
    Browse the repository at this point in the history

Commits on Aug 30, 2024

  1. Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (#109) 

    Bumps org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-lang3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 30, 2024
    Configuration menu
    Copy the full SHA
    a6d3346 View commit details
    Browse the repository at this point in the history

Commits on Sep 2, 2024

  1. Bump org.yaml:snakeyaml from 2.2 to 2.3 (#110) 

    Bumps [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) from 2.2 to 2.3.
- [Commits](https://bitbucket.org/snakeyaml/snakeyaml/branches/compare/snakeyaml-2.3..snakeyaml-2.2)

---
updated-dependencies:
- dependency-name: org.yaml:snakeyaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 2, 2024
    Configuration menu
    Copy the full SHA
    231431d View commit details
    Browse the repository at this point in the history

Commits on Sep 13, 2024

  1. Bump org.apache.httpcomponents.core5:httpcore5 from 5.2.5 to 5.3 (#111) 

    Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.2.5 to 5.3.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/master/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.2.5...rel/v5.3)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 13, 2024
    Configuration menu
    Copy the full SHA
    6a80b56 View commit details
    Browse the repository at this point in the history

Commits on Sep 19, 2024

  1. Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#112) 

    Bumps commons-io:commons-io from 2.16.1 to 2.17.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 19, 2024
    Configuration menu
    Copy the full SHA
    78d8fc6 View commit details
    Browse the repository at this point in the history

Commits on Sep 20, 2024

  1. Bump org.apache.httpcomponents.client5:httpclient5 from 5.3.1 to 5.4 (#… 

    …113)

Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.3.1 to 5.4.
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-client@rel/v5.3.1...rel/v5.4)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 20, 2024
    Configuration menu
    Copy the full SHA
    e4a1e90 View commit details
    Browse the repository at this point in the history

Commits on Sep 23, 2024

  1. Bump org.codehaus.mojo:extra-enforcer-rules from 1.8.0 to 1.9.0 (#114) 

    Bumps [org.codehaus.mojo:extra-enforcer-rules](https://github.com/mojohaus/extra-enforcer-rules) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/mojohaus/extra-enforcer-rules/releases)
- [Commits](mojohaus/extra-enforcer-rules@1.8.0...1.9.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:extra-enforcer-rules
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 23, 2024
    Configuration menu
    Copy the full SHA
    0c9d743 View commit details
    Browse the repository at this point in the history

Commits on Sep 24, 2024

  1. Bump com.google.guava:guava from 33.3.0-jre to 33.3.1-jre (#115) 

    Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.3.0-jre to 33.3.1-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 24, 2024
    Configuration menu
    Copy the full SHA
    46bc995 View commit details
    Browse the repository at this point in the history

Commits on Sep 25, 2024

  1. Bump org.apache.commons:commons-csv from 1.11.0 to 1.12.0 (#116) 

    Bumps [org.apache.commons:commons-csv](https://github.com/apache/commons-csv) from 1.11.0 to 1.12.0.
- [Changelog](https://github.com/apache/commons-csv/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-csv@rel/commons-csv-1.11.0...rel/commons-csv-1.12.0)

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-csv
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 25, 2024
    Configuration menu
    Copy the full SHA
    d93c2fd View commit details
    Browse the repository at this point in the history

Commits on Sep 26, 2024

  1. Bump version.junit.jupiter from 5.11.0 to 5.11.1 (#117) 

    Bumps `version.junit.jupiter` from 5.11.0 to 5.11.1.

Updates `org.junit.jupiter:junit-jupiter-api` from 5.11.0 to 5.11.1
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.11.0...r5.11.1)

Updates `org.junit.jupiter:junit-jupiter-params` from 5.11.0 to 5.11.1
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.11.0...r5.11.1)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter-api
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.junit.jupiter:junit-jupiter-params
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 26, 2024
    Configuration menu
    Copy the full SHA
    4f7317f View commit details
    Browse the repository at this point in the history

Commits on Sep 27, 2024

  1. Bump version.fasterxml.jackson from 2.17.2 to 2.18.0 (#118) 

    Bumps `version.fasterxml.jackson` from 2.17.2 to 2.18.0.

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.17.2 to 2.18.0
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.17.2 to 2.18.0
- [Commits](FasterXML/jackson-core@jackson-core-2.17.2...jackson-core-2.18.0)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.17.2 to 2.18.0
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-xml` from 2.17.2 to 2.18.0
- [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.17.2...jackson-dataformat-xml-2.18.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Sep 27, 2024
    Configuration menu
    Copy the full SHA
    56d8c2b View commit details
    Browse the repository at this point in the history

Commits on Oct 9, 2024

  1. Bump org.apache.maven.skins:maven-fluido-skin (#119) 

    Bumps [org.apache.maven.skins:maven-fluido-skin](https://github.com/apache/maven-fluido-skin) from 2.0.0-M10 to 2.0.0-M11.
- [Release notes](https://github.com/apache/maven-fluido-skin/releases)
- [Commits](apache/maven-fluido-skin@maven-fluido-skin-2.0.0-M10...maven-fluido-skin-2.0.0-M11)

---
updated-dependencies:
- dependency-name: org.apache.maven.skins:maven-fluido-skin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 9, 2024
    Configuration menu
    Copy the full SHA
    ddb3138 View commit details
    Browse the repository at this point in the history

  2. Bump version.junit.jupiter from 5.11.1 to 5.11.2 (#120) 

    Bumps `version.junit.jupiter` from 5.11.1 to 5.11.2.

Updates `org.junit.jupiter:junit-jupiter-api` from 5.11.1 to 5.11.2
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.11.1...r5.11.2)

Updates `org.junit.jupiter:junit-jupiter-params` from 5.11.1 to 5.11.2
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.11.1...r5.11.2)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter-api
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.junit.jupiter:junit-jupiter-params
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 9, 2024
    Configuration menu
    Copy the full SHA
    bcc9640 View commit details
    Browse the repository at this point in the history

  3. Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.0 to 3.5… 

    ….1 (#121)

Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.0...surefire-3.5.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 9, 2024
    Configuration menu
    Copy the full SHA
    54ba34c View commit details
    Browse the repository at this point in the history

Commits on Oct 22, 2024

  1. Bump version.junit.jupiter from 5.11.2 to 5.11.3 (#124) 

    Bumps `version.junit.jupiter` from 5.11.2 to 5.11.3.

Updates `org.junit.jupiter:junit-jupiter-api` from 5.11.2 to 5.11.3
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.11.2...r5.11.3)

Updates `org.junit.jupiter:junit-jupiter-params` from 5.11.2 to 5.11.3
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.11.2...r5.11.3)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter-api
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.junit.jupiter:junit-jupiter-params
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 22, 2024
    Configuration menu
    Copy the full SHA
    c3979a8 View commit details
    Browse the repository at this point in the history

  2. Bump org.apache.maven.plugins:maven-project-info-reports-plugin (#125) 

    Bumps [org.apache.maven.plugins:maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) from 3.7.0 to 3.8.0.
- [Commits](apache/maven-project-info-reports-plugin@maven-project-info-reports-plugin-3.7.0...maven-project-info-reports-plugin-3.8.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-project-info-reports-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 22, 2024
    Configuration menu
    Copy the full SHA
    7e21926 View commit details
    Browse the repository at this point in the history

Commits on Oct 23, 2024

  1. Bump org.apache.httpcomponents.core5:httpcore5 from 5.3 to 5.3.1 (#126) 

    Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.3 to 5.3.1.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.3.1/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.3...rel/v5.3.1)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 23, 2024
    Configuration menu
    Copy the full SHA
    461d63f View commit details
    Browse the repository at this point in the history

Commits on Oct 28, 2024

  1. Bump org.apache.maven.plugins:maven-jxr-plugin from 3.5.0 to 3.6.0 (#127 

    )

Bumps [org.apache.maven.plugins:maven-jxr-plugin](https://github.com/apache/maven-jxr) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/apache/maven-jxr/releases)
- [Commits](apache/maven-jxr@jxr-3.5.0...jxr-3.6.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-jxr-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 28, 2024
    Configuration menu
    Copy the full SHA
    1b484f4 View commit details
    Browse the repository at this point in the history

  2. Bump org.apache.maven.plugins:maven-dependency-plugin (#128) 

    Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-3.8.0...maven-dependency-plugin-3.8.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 28, 2024
    Configuration menu
    Copy the full SHA
    4412967 View commit details
    Browse the repository at this point in the history

  3. Bump org.apache.maven.plugin-tools:maven-plugin-annotations (#129) 

    Bumps [org.apache.maven.plugin-tools:maven-plugin-annotations](https://github.com/apache/maven-plugin-tools) from 3.15.0 to 3.15.1.
- [Release notes](https://github.com/apache/maven-plugin-tools/releases)
- [Commits](apache/maven-plugin-tools@maven-plugin-tools-3.15.0...maven-plugin-tools-3.15.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugin-tools:maven-plugin-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 28, 2024
    Configuration menu
    Copy the full SHA
    e6854cd View commit details
    Browse the repository at this point in the history

  4. Bump org.apache.maven.plugins:maven-plugin-plugin from 3.15.0 to 3.15… 

    ….1 (#130)

Bumps [org.apache.maven.plugins:maven-plugin-plugin](https://github.com/apache/maven-plugin-tools) from 3.15.0 to 3.15.1.
- [Release notes](https://github.com/apache/maven-plugin-tools/releases)
- [Commits](apache/maven-plugin-tools@maven-plugin-tools-3.15.0...maven-plugin-tools-3.15.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-plugin-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 28, 2024
    Configuration menu
    Copy the full SHA
    fa94966 View commit details
    Browse the repository at this point in the history

Commits on Oct 29, 2024

  1. Bump version.fasterxml.jackson from 2.18.0 to 2.18.1 (#131) 

    Bumps `version.fasterxml.jackson` from 2.18.0 to 2.18.1.

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.18.0 to 2.18.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.18.0 to 2.18.1
- [Commits](FasterXML/jackson-core@jackson-core-2.18.0...jackson-core-2.18.1)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.18.0 to 2.18.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-xml` from 2.18.0 to 2.18.1
- [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.18.0...jackson-dataformat-xml-2.18.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 29, 2024
    Configuration menu
    Copy the full SHA
    8da5544 View commit details
    Browse the repository at this point in the history

  2. Bump org.apache.httpcomponents.client5:httpclient5 from 5.4 to 5.4.1 (#… 

    …132)

Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.4 to 5.4.1.
- [Changelog](https://github.com/apache/httpcomponents-client/blob/rel/v5.4.1/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-client@rel/v5.4...rel/v5.4.1)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Oct 29, 2024
    Configuration menu
    Copy the full SHA
    ee03373 View commit details
    Browse the repository at this point in the history