Build: #2417 was successful
Job: Build and Test was successful
Code commits
openmrs-core
-
Am-Coder <39997970+Am-Coder@users.noreply.github.com> bb01e3c4e007f70de01f27dbc1c849e621a80be5
TRUNK-5917 Boolean Like comparison not allowed in PostgreSQL (#3490)
- api/src/main/java/org/openmrs/api/db/hibernate/HibernateSerializedObjectDAO.java (version bb01e3c4e007f70de01f27dbc1c849e621a80be5)
-
Ivo <teleivo@users.noreply.github.com> f790a02b4c9da2b256b868be0b1a8342844fd3e2
Fix closing tag in pom.xml
- pom.xml (version f790a02b4c9da2b256b868be0b1a8342844fd3e2)
-
Ivo <teleivo@users.noreply.github.com> 74f1ba1bbd6feec1c09070a521ae5e69e1fb9876
Ensure Jackson 2 is updated in one commit
since the Jackson 2 dependencies are releases together we should update them together. using a property will ensure that manual and dependabot updates will do just that- pom.xml (version 74f1ba1bbd6feec1c09070a521ae5e69e1fb9876)
-
Ivo <teleivo@users.noreply.github.com> ef8903c71d892249f00f3cfbb80e6d336d47fae1
Ensure aspectj dependencies are updated together
the aspects libraries are released together and so we should update them in the same commit. using a property ensures that manual and dependabot updates will do just that- pom.xml (version ef8903c71d892249f00f3cfbb80e6d336d47fae1)
-
dkayiwa <kayiwadaniel@gmail.com> d59c0b026094aa2f210b1b07dac6e1ebe1b0112c
TRUNK-5344 - Fixing WebModuleActivatorTest
- web/src/test/java/org/openmrs/web/test/TestContextLoader.java (version d59c0b026094aa2f210b1b07dac6e1ebe1b0112c)
- web/src/test/java/org/openmrs/web/test/WebModuleActivatorTest.java (version d59c0b026094aa2f210b1b07dac6e1ebe1b0112c)
-
Ian Bacher 053dc9bb9ad344db4cfb6976de7e780a0c05afff
Fix some small security-related things
* Failed username and login only throws an exception from a single
location, as originally intended
* Salts are generated using SecureRandom
* Salts are regenerated on every password change
* Simplify fetching password and salt to a single DB query
* Simplify logic to hash a String
* Refactoring to remove exceptions from normal flow of control- api/src/main/java/org/openmrs/api/context/UsernamePasswordAuthenticationScheme.java (version 053dc9bb9ad344db4cfb6976de7e780a0c05afff)
- api/src/main/java/org/openmrs/api/db/hibernate/HibernateContextDAO.java (version 053dc9bb9ad344db4cfb6976de7e780a0c05afff)
- api/src/main/java/org/openmrs/api/db/hibernate/HibernateUserDAO.java (version 053dc9bb9ad344db4cfb6976de7e780a0c05afff)
- api/src/main/java/org/openmrs/util/Security.java (version 053dc9bb9ad344db4cfb6976de7e780a0c05afff)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 25acad77fcdcab0cb647d5bd4ca2e30fef600d9a
maven(deps): bump maven-checkstyle-plugin from 2.17 to 3.1.1
Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 2.17 to 3.1.1.
- [Release notes](https://github.com/apache/maven-checkstyle-plugin/releases)
- [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-2.17...maven-checkstyle-plugin-3.1.1)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 25acad77fcdcab0cb647d5bd4ca2e30fef600d9a)
-
Ian Bacher c49ba8a775fa338cc124727e87de30d6240cb260
Update lucene-analyzers-phonetic
- .github/dependabot.yml (version c49ba8a775fa338cc124727e87de30d6240cb260)
- pom.xml (version c49ba8a775fa338cc124727e87de30d6240cb260)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> c2bdf9f46f6aea52374f0b2ab81d2c45f0720642
maven(deps): bump maven-javadoc-plugin from 2.10.3 to 3.2.0
Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 2.10.3 to 3.2.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-2.10.3...maven-javadoc-plugin-3.2.0)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version c2bdf9f46f6aea52374f0b2ab81d2c45f0720642)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 9a74698b07a055c42dd5dc38cc3cb9b878f3b138
maven(deps): bump commons-lang3 from 3.10 to 3.11
Bumps commons-lang3 from 3.10 to 3.11.
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 9a74698b07a055c42dd5dc38cc3cb9b878f3b138)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> e643aa8154c41fdffe1e282da0ed8c6d6af142a3
maven(deps): bump sonar-maven-plugin from 3.4.0.905 to 3.7.0.1746
Bumps [sonar-maven-plugin](https://github.com/SonarSource/sonar-scanner-maven) from 3.4.0.905 to 3.7.0.1746.
- [Release notes](https://github.com/SonarSource/sonar-scanner-maven/releases)
- [Commits](https://github.com/SonarSource/sonar-scanner-maven/compare/3.4.0.905...3.7.0.1746)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version e643aa8154c41fdffe1e282da0ed8c6d6af142a3)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 4a5da65a329985358d7fc0e7b02b22a8a821c6fb
maven(deps): bump commons-validator from 1.6 to 1.7
Bumps commons-validator from 1.6 to 1.7.
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 4a5da65a329985358d7fc0e7b02b22a8a821c6fb)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 43893b4ba8f6472c8c85223c0794d869e0c48ea3
maven(deps): bump jackson-annotations from 2.11.0 to 2.11.2
Bumps [jackson-annotations](https://github.com/FasterXML/jackson) from 2.11.0 to 2.11.2.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 43893b4ba8f6472c8c85223c0794d869e0c48ea3)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> c9d8d470ad5304c557e7dc03a2b02dedb929894f
maven(deps): bump maven-eclipse-plugin from 2.8 to 2.10
Bumps maven-eclipse-plugin from 2.8 to 2.10.
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version c9d8d470ad5304c557e7dc03a2b02dedb929894f)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 25c1d5ebeba877509ed26be92b30967af8a2b13a
maven(deps): bump jackson-core from 2.11.0 to 2.11.2
Bumps [jackson-core](https://github.com/FasterXML/jackson-core) from 2.11.0 to 2.11.2.
- [Release notes](https://github.com/FasterXML/jackson-core/releases)
- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.11.0...jackson-core-2.11.2)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 25c1d5ebeba877509ed26be92b30967af8a2b13a)
-
Ivo <teleivo@users.noreply.github.com> cc8e21ed4e038ad7c0d6310ecee4335d8c1c697a
Pull request limit property is not part of schedule
- .github/dependabot.yml (version cc8e21ed4e038ad7c0d6310ecee4335d8c1c697a)
-
Ivo <teleivo@users.noreply.github.com> dda395b4cfc5d99eb79beeb1cbda79304681215e
Allow 10 PRs for maven updates
so that we can cycle faster through all our dependencies. Once we are through and they are up to date we can turn this back down to the default of 5 PRs- .github/dependabot.yml (version dda395b4cfc5d99eb79beeb1cbda79304681215e)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> df33b1ae740720cc718c82f0c14943eee5f17bf8
maven(deps): bump buildnumber-maven-plugin from 1.1 to 1.4
Bumps [buildnumber-maven-plugin](https://github.com/mojohaus/buildnumber-maven-plugin) from 1.1 to 1.4.
- [Release notes](https://github.com/mojohaus/buildnumber-maven-plugin/releases)
- [Commits](https://github.com/mojohaus/buildnumber-maven-plugin/compare/buildnumber-maven-plugin-1.1...buildnumber-maven-plugin-1.4)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version df33b1ae740720cc718c82f0c14943eee5f17bf8)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 0099884354eb624140974b4c3b9bb45c26eaea75
maven(deps): bump jackson-databind from 2.11.0 to 2.11.2
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.11.0 to 2.11.2.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 0099884354eb624140974b4c3b9bb45c26eaea75)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> f17d713fcbcb09828c21d2cf6a43380da814fe0a
maven(deps): bump encoder from 1.2 to 1.2.2
Bumps [encoder](https://github.com/owasp/owasp-java-encoder) from 1.2 to 1.2.2.
- [Release notes](https://github.com/owasp/owasp-java-encoder/releases)
- [Commits](https://github.com/owasp/owasp-java-encoder/compare/v1.2...v1.2.2)
Signed-off-by: dependabot[bot] <support@github.com>- web/pom.xml (version f17d713fcbcb09828c21d2cf6a43380da814fe0a)
-
?ukasz D?bicki <sacull@gmail.com> b2835786fbe9588c130e6d5289499ea985da0ecd
TRUNK-5838: Correct version validate method and add test to check that (#3324)
- api/src/main/java/org/openmrs/util/OpenmrsUtil.java (version b2835786fbe9588c130e6d5289499ea985da0ecd)
-
Ivo <teleivo@users.noreply.github.com> 6cb7e7133b5b1dc94922699c6b6e2f3242e82ebd
Bump liquibase (#3476)
* Update liquibase-core to 3.10.2
which was originally done by dependabot at https://github.com/openmrs/openmrs-core/pull/3464
now that we ruled out that the failing tests were due to this version we can update it again
* Update liquibase maven plugin
which was originally done by dependabot at https://github.com/openmrs/openmrs-core/pull/3470- liquibase/pom.xml (version 6cb7e7133b5b1dc94922699c6b6e2f3242e82ebd)
- pom.xml (version 6cb7e7133b5b1dc94922699c6b6e2f3242e82ebd)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 6efe06df9489e141584b2929786b2a20a515276a
maven(deps): bump maven-source-plugin from 2.1.2 to 3.2.1
Bumps [maven-source-plugin](https://github.com/apache/maven-source-plugin) from 2.1.2 to 3.2.1.
- [Release notes](https://github.com/apache/maven-source-plugin/releases)
- [Commits](https://github.com/apache/maven-source-plugin/compare/maven-source-plugin-2.1.2...maven-source-plugin-3.2.1)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 6efe06df9489e141584b2929786b2a20a515276a)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 07d2079f8ecc128c47b8e4aafc3ebe61aa2e9c1b
maven(deps): bump jetty-maven-plugin
Bumps [jetty-maven-plugin](https://github.com/eclipse/jetty.project) from 9.4.25.v20191220 to 9.4.31.v20200723.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.25.v20191220...jetty-9.4.31.v20200723)
Signed-off-by: dependabot[bot] <support@github.com>- webapp/pom.xml (version 07d2079f8ecc128c47b8e4aafc3ebe61aa2e9c1b)
-
achilep <pahonsibebeto@gmail.com> 4e5733854dbf241e5fabc893f1456949dc35f9c2
to fix test failed
- api/src/test/resources/org/openmrs/api/db/hibernate/include/HibernateAlertDAOTestDataSet.xml (version 4e5733854dbf241e5fabc893f1456949dc35f9c2)
-
Ivo <teleivo@users.noreply.github.com> 09190b654c95979ba1ea8d815d6abb6e88bb515c
Revert bump of jetty
this change seems unrelated to the failures we see on Travis but let's revert all changes so we reach the state when the tests were passing on master. revert of https://github.com/openmrs/openmrs-core/pull/3469- webapp/pom.xml (version 09190b654c95979ba1ea8d815d6abb6e88bb515c)
-
Ivo <teleivo@users.noreply.github.com> 87d7537067e8181fd06b8434137538f9734a8c89
Keep liquibase-core and maven plugin in sync
rule out that this update was in fact the culprit of failing tests even though tests were passing after this update- pom.xml (version 87d7537067e8181fd06b8434137538f9734a8c89)
-
Ivo <teleivo@users.noreply.github.com> 085ac2cc56e559b5e8e32d70656134d57d04a05b
Revert bump of maven source plugin
which is mosr likely causing the tests to fail see https://github.com/openmrs/openmrs-core/pull/3468/files- pom.xml (version 085ac2cc56e559b5e8e32d70656134d57d04a05b)
-
Ivo <teleivo@users.noreply.github.com> 86d06a13b6313a299a362c7640b4b8075a5892c6
Revert bump liquibase-maven-plugin
a few tests are failing since the merge. not sure how that is related to this update. the tests in the updating PR ran successfully. See Travis failure https://travis-ci.org/github/openmrs/openmrs-core/builds/716053970- liquibase/pom.xml (version 86d06a13b6313a299a362c7640b4b8075a5892c6)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 15484a8e5723db7b393519c7d75d16bee2a87725
maven(deps): bump maven-source-plugin from 2.1.2 to 3.2.1
Bumps [maven-source-plugin](https://github.com/apache/maven-source-plugin) from 2.1.2 to 3.2.1.
- [Release notes](https://github.com/apache/maven-source-plugin/releases)
- [Commits](https://github.com/apache/maven-source-plugin/compare/maven-source-plugin-2.1.2...maven-source-plugin-3.2.1)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 15484a8e5723db7b393519c7d75d16bee2a87725)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 5bb73643c5bb1f69c33ff237010e6b9ada8e12fc
maven(deps): bump jetty-maven-plugin
Bumps [jetty-maven-plugin](https://github.com/eclipse/jetty.project) from 9.4.25.v20191220 to 9.4.31.v20200723.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.25.v20191220...jetty-9.4.31.v20200723)
Signed-off-by: dependabot[bot] <support@github.com>- webapp/pom.xml (version 5bb73643c5bb1f69c33ff237010e6b9ada8e12fc)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 49cf4a9983878bd07aace8cb55f6bc971bac2198
maven(deps): bump liquibase-maven-plugin from 3.8.9 to 3.10.2
Bumps [liquibase-maven-plugin](https://github.com/liquibase/liquibase) from 3.8.9 to 3.10.2.
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](https://github.com/liquibase/liquibase/compare/v3.8.9...v3.10.2)
Signed-off-by: dependabot[bot] <support@github.com>- liquibase/pom.xml (version 49cf4a9983878bd07aace8cb55f6bc971bac2198)
-
Ivo <teleivo@users.noreply.github.com> 413cb7f14baad9b32761a3a82ae31e82228381e9
Let dependabot ignore major liquibase plugin update
seems to be released together with the major corebupdate which has breaking changes- .github/dependabot.yml (version 413cb7f14baad9b32761a3a82ae31e82228381e9)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 4c8e8a19bbbb702d597a8b00b4a0721548d8b113
maven(deps): bump maven-jxr-plugin from 2.3 to 3.0.0
Bumps [maven-jxr-plugin](https://github.com/apache/maven-jxr) from 2.3 to 3.0.0.
- [Release notes](https://github.com/apache/maven-jxr/releases)
- [Commits](https://github.com/apache/maven-jxr/compare/jxr-2.3...jxr-3.0.0)
Signed-off-by: dependabot[bot] <support@github.com>- pom.xml (version 4c8e8a19bbbb702d597a8b00b4a0721548d8b113)