58 Commits

Author SHA1 Message Date
dependabot[bot]
46ef55c9a9
Bump rouge from 4.5.0 to 4.5.1 in the all-gems group across 1 directory
Bumps the all-gems group with 1 update in the / directory: [rouge](https://github.com/rouge-ruby/rouge).


Updates `rouge` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/rouge-ruby/rouge/releases)
- [Changelog](https://github.com/rouge-ruby/rouge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rouge-ruby/rouge/compare/v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: rouge
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-gems
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-18 03:46:56 +00:00
dependabot[bot]
ed5e862aa3
Bump rouge from 4.4.0 to 4.5.0 in the all-gems group across 1 directory (#5316)
Bumps the all-gems group with 1 update in the / directory: [rouge](https://github.com/rouge-ruby/rouge).


Updates `rouge` from 4.4.0 to 4.5.0
- [Release notes](https://github.com/rouge-ruby/rouge/releases)
- [Changelog](https://github.com/rouge-ruby/rouge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rouge-ruby/rouge/compare/v4.4.0...v4.5.0)

---
updated-dependencies:
- dependency-name: rouge
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-gems
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-14 15:14:44 +01:00
Andreas Dangel
3ed370f61d
Bump gems and bundler (#5301)
- Bump bundler from 2.5.3 to 2.5.22
- Bump activesupport from 7.2.1 to 7.2.2
- Bump execjs from 2.9.1 to 2.10.0
- Bump faraday from 2.11.0 to 2.12.0
- Bump i18n from 1.14.5 to 1.14.6
- Bump json from 2.7.2 to 2.7.5
- Bump logger from 1.6.0 to 1.6.1
- Bump rexml from 3.3.6/3.3.8 to 3.3.9
- Bump rufus-scheduler from 3.9.2 to 3.9.2

- Fixes https://github.com/pmd/pmd/security/dependabot/69
- Fixes https://github.com/pmd/pmd/security/dependabot/70
2024-10-31 15:07:25 +01:00
dependabot[bot]
7df70ea7c1
Bump danger from 9.5.0 to 9.5.1 in the all-gems group across 1 directory
Bumps the all-gems group with 1 update in the / directory: [danger](https://github.com/danger/danger).


Updates `danger` from 9.5.0 to 9.5.1
- [Release notes](https://github.com/danger/danger/releases)
- [Changelog](https://github.com/danger/danger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/danger/danger/compare/v9.5.0...v9.5.1)

---
updated-dependencies:
- dependency-name: danger
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-gems
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-21 03:18:38 +00:00
dependabot[bot]
b03a46fa8c
Bump rouge from 4.3.0 to 4.4.0 in the all-gems group across 1 directory (#5226)
Bumps the all-gems group with 1 update in the / directory: [rouge](https://github.com/rouge-ruby/rouge).


Updates `rouge` from 4.3.0 to 4.4.0
- [Release notes](https://github.com/rouge-ruby/rouge/releases)
- [Changelog](https://github.com/rouge-ruby/rouge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rouge-ruby/rouge/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: rouge
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-gems
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-26 12:08:39 +02:00
Andreas Dangel
cd33eb621e
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/64
Fixes CVE-2024-43380
Fixes https://github.com/advisories/GHSA-2m96-52r3-2f3g
Fixes https://github.com/pmd/pmd/security/dependabot/65
Fixes https://github.com/pmd/pmd/security/dependabot/66
Fixes CVE-2024-43398
Fixes https://github.com/advisories/GHSA-vmwr-mc7x-5vc3
2024-08-27 19:16:38 +02:00
dependabot[bot]
c5de5d67a0
Bump danger from 9.4.3 to 9.5.0 in the all-gems group across 1 directory
Bumps the all-gems group with 1 update in the / directory: [danger](https://github.com/danger/danger).


Updates `danger` from 9.4.3 to 9.5.0
- [Release notes](https://github.com/danger/danger/releases)
- [Changelog](https://github.com/danger/danger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/danger/danger/commits)

---
updated-dependencies:
- dependency-name: danger
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-gems
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 03:57:58 +00:00
Andreas Dangel
607684c6cb
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/58
Fixes https://github.com/pmd/pmd/security/dependabot/59
Fixes CVE-2024-39908
Fixes https://github.com/advisories/GHSA-4xqq-m2hx-25v8
2024-07-23 19:36:53 +02:00
Andreas Dangel
ec30fe1b01
Update gems
- Bump nokogiri from 1.16.2 to 1.16.5
- Bump rexml from 3.2.6 to 3.2.8

Fixes https://github.com/pmd/pmd/security/dependabot/52
Fixes https://github.com/pmd/pmd/security/dependabot/53
Fixes https://github.com/advisories/GHSA-r95h-9x8f-r3f7
Fixes https://github.com/pmd/pmd/security/dependabot/56
Fixes https://github.com/pmd/pmd/security/dependabot/57
Fixes https://github.com/advisories/GHSA-vg3r-rm7w-2xgh
Fixes CVE-2024-35176
2024-05-23 08:43:31 +02:00
Andreas Dangel
2dc91b3de5
Update gems
Add bigdecimal and csv module, to be ruby 3.4 ready
2024-03-12 19:33:10 +01:00
Andreas Dangel
aa6851e2d2
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/49
Fixes https://github.com/pmd/pmd/security/dependabot/50
2024-02-15 20:31:17 +01:00
Andreas Dangel
a558fd17eb
[ci] Use bundler 2.4.22, which is still compatible with ruby 2.7 2023-12-16 13:03:32 +01:00
Andreas Dangel
1c8c5cf434
Bump pmdtester from 1.5.4 to 1.5.5 2023-11-16 10:27:54 +01:00
Andreas Dangel
94d374acaa
Update gems
* Bump commonmarker from 0.23.9 to 0.23.10
** Fixes https://github.com/pmd/pmd/security/dependabot/43
** Fixes https://github.com/advisories/GHSA-7vh7-fw88-wj87
* Bump activesupport from 7.0.5 to 7.0.8
** Fixes https://github.com/pmd/pmd/security/dependabot/45
** Fixes CVE-2023-38037
** Fixes https://github.com/advisories/GHSA-cr5q-6q9f-rq6q
* Bump addressable from 2.8.4 to 2.8.5
* Bump danger from 9.2.0 to 9.3.2
* Bump execjs from 2.8.1 to 2.9.1
* Bump faraday from 2.7.5 to 2.7.11
* Bump ffi from 1.15.5 to 1.16.2
* Bump i18n from 1.13.0 to 1.14.1
* Bump mini_portile2 from 2.8.2 to 2.8.4
* Bump minitest from 5.18.0 to 5.20.0
* Bump nokogiri from 1.15.2 to 1.15.4
* Bump octokit from 5.6.1 to 6.1.1
* Bump public_suffix from 5.0.1 to 5.0.3
* Bump racc from 1.6.2 to 1.7.1
* Bump rexml from 3.2.5 to 3.2.6
* Bump rouge from 4.1.1 to 4.1.3
* Bump rufus-scheduler from 3.8.2 to 3.9.1
2023-09-28 12:17:26 +02:00
Andreas Dangel
f147c76577
Update gems - use pmdtester 1.5.4 2023-05-28 09:04:46 +02:00
Andreas Dangel
ae766de203
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/38
Fixes https://github.com/pmd/pmd/security/dependabot/39
Fixes https://github.com/pmd/pmd/security/dependabot/40
2023-04-28 10:28:17 +02:00
Andreas Dangel
11e2a8687e
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/37
Fixes CVE-2023-28120
Fixes https://github.com/advisories/GHSA-pj73-v5mw-pm9j
2023-03-17 10:40:15 +01:00
Andreas Dangel
c3b1317a77
Update gems 2023-02-02 09:37:17 +01:00
Andreas Dangel
9d92528587
Update bundler 2023-01-25 08:56:17 +01:00
Andreas Dangel
6b2f1be14e
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/35
Fixes CVE-2023-22796
Fixes https://github.com/advisories/GHSA-j6gc-792m-qgm2

Fixes https://github.com/pmd/pmd/security/dependabot/36
Fixes https://github.com/advisories/GHSA-636f-xm5j-pj9m
2023-01-25 08:48:34 +01:00
Andreas Dangel
89b947bec5
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/34
Fixes CVE-2022-46648
Fixes https://github.com/advisories/GHSA-pfpr-3463-c6jh
2023-01-10 12:21:27 +01:00
Andreas Dangel
9f5bd42d43
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/31
Fixes CVE-2022-23476
Fixes https://github.com/advisories/GHSA-qv4q-mr5r-qprj
2022-12-08 11:41:02 +01:00
Andreas Dangel
edcfe21131
Update pmdtester and other gems 2022-11-25 15:15:10 +01:00
Andreas Dangel
f54ca8b364
Update gems 2022-10-20 15:53:51 +02:00
Andreas Dangel
241e1e140a
Bump pmdtester from 1.5.1 to 1.5.2 2022-10-20 15:53:32 +02:00
Andreas Dangel
0dcff72455
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/26
Fixes https://github.com/advisories/GHSA-4qw4-jpp4-8gvp
2022-09-24 17:52:56 +02:00
Andreas Dangel
4308aafe92
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/22
TZInfo relative path traversal vulnerability allows loading of arbitrary files
CVE-2022-31163
https://github.com/advisories/GHSA-5cm2-9h8c-rvfx
2022-07-22 14:14:12 +02:00
Andreas Dangel
dc512e8a04
[ci] Update gems
- update pmdtester from 1.5.0 to 1.5.1
- update nokogiri from 1.13.5 to 1.13.6
- update activesupport from 6.0.4.8 to 6.0.5
2022-05-12 17:33:54 +02:00
Andreas Dangel
d3880443f7
[ci] Update gems
- update pmdtester from 1.4.1 to 1.5.0
- update nokogiri from 1.13.4 to 1.13.5
2022-05-06 15:05:20 +02:00
Andreas Dangel
4eb2471939
Update gems
Fixes Command injection in ruby-git
(https://github.com/pmd/pmd/security/dependabot/21)
2022-04-29 12:01:29 +02:00
Andreas Dangel
d09a48ad5f
Update regression-tester and other gems
pmd-tester 1.4.1
nokogiri 1.13.4

Fixes the following security alerts:
- Out-of-bounds Write in zlib affects Nokogiri
- XML Injection in Xerces Java affects Nokogiri
- Inefficient Regular Expression Complexity in Nokogiri
- Denial of Service (DoS) in Nokogiri on JRuby
2022-04-12 12:17:01 +02:00
Andreas Dangel
0081e61cfd
Update pmdtester to 1.4.0 2022-03-24 16:46:42 +01:00
Andreas Dangel
b1f85585d4
Revert "REVERT ME - Use pmtester from pmd/pmd-regression-tester#103"
This reverts commit 67928910df25574ec41821b60d352e5f32bfe971.
2022-03-24 16:18:51 +01:00
Andreas Dangel
67928910df
REVERT ME - Use pmtester from pmd/pmd-regression-tester#103
And also make a change in core to run it
2022-03-18 15:51:15 +01:00
Andreas Dangel
c421e7e646
Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/12
2022-03-10 10:58:16 +01:00
Andreas Dangel
691887af00
Update gems (nokogiri and others)
Fixes https://github.com/pmd/pmd/security/dependabot/11
Fixes https://github.com/pmd/pmd/security/dependabot/10
2022-02-26 10:39:00 +01:00
Andreas Dangel
ffe8893a3d
Update pmdtester from 1.2.0 to 1.3.0 2021-12-20 19:02:28 +01:00
Andreas Dangel
740968461a
Bump danger from 5.16.1 to 8.4.0 2021-10-15 22:37:23 +02:00
Andreas Dangel
c9077e19ea
Update gems
Fixes https://github.com/advisories/GHSA-2rr5-8q37-2w7h
2021-09-30 15:48:48 +02:00
Andreas Dangel
4a519be2d9
Update gems
Fixes CVE-2021-32740
Regular Expression Denial of Service in Addressable templates
https://github.com/advisories/GHSA-jxhc-q857-3j6g
2021-07-15 10:43:38 +02:00
Andreas Dangel
d79c2d1a0f
[ci] Bump pmd-regression-tester from 1.1.2 to 1.2.0 2021-06-20 18:43:17 +02:00
Andreas Dangel
0dab8818af
Update gems 2021-05-20 14:26:47 +02:00
Andreas Dangel
c2955e3aa9
Update gems
Fixes CVE-2021-28965
https://github.com/advisories/GHSA-8cr8-4vfw-mr7h
2021-05-06 10:12:13 +02:00
Andreas Dangel
9937aed5dc
Update gems, use pmdtester 1.1.2 2021-04-23 11:51:52 +02:00
Andreas Dangel
bbec003287
Update gems 2021-04-01 12:01:18 +02:00
Andreas Dangel
9158c9f439
[ci] Update pmdtester to 1.1.1, disable debug 2021-01-16 10:12:32 +01:00
Andreas Dangel
5ed003c686
Update gems
CVE-2020-26247
https://github.com/advisories/GHSA-vr8q-g5c7-m54m
2021-01-07 15:28:06 +01:00
Andreas Dangel
5fffaa90f5
[ci] Update pmdtester to 1.1.0 2020-12-05 15:09:11 +01:00
Andreas Dangel
ff030d1d2d
[ci] Update regression tester
* Remove workaround for pre-downloading baseline
  and add baseline-download-url option
* Remove unnecessary travis_wait
* Add error-recovery flag
2020-11-25 11:26:16 +01:00
Andreas Dangel
cac03fdb29
[ci] Switch back to pmd/pmd-regression-tester@master 2020-10-28 16:17:11 +01:00