Skip to content

更新数据#1

Open
yinchongbing wants to merge 4588 commits into
yinchongbing:masterfrom
kubernetes-client:master
Open

更新数据#1
yinchongbing wants to merge 4588 commits into
yinchongbing:masterfrom
kubernetes-client:master

Conversation

@yinchongbing

@yinchongbing yinchongbing commented Nov 8, 2019

Copy link
Copy Markdown
Owner

更新数据

dependabot Bot and others added 30 commits March 12, 2026 02:02
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.9 to 2.42.11
34938fa 
Bumps software.amazon.awssdk:sts from 2.42.9 to 2.42.11.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4643 from kubernetes-client/dependabot/maven/org.…
dffd758 
…mockito-mockito-junit-jupiter-5.23.0

build(deps): bump org.mockito:mockito-junit-jupiter from 5.22.0 to 5.23.0
@k8s-ci-robot
Merge pull request #4644 from kubernetes-client/dependabot/maven/soft…
45b930e 
…ware.amazon.awssdk-sts-2.42.11

build(deps): bump software.amazon.awssdk:sts from 2.42.9 to 2.42.11
@k8s-ci-robot
Merge pull request #4432 from yue9944882/fix-plugin-migration
05a655a 
Fix release failure after maven central plugin migration
@dependabot
build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin
94f4ad7 
Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.11.3 to 3.12.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.3...maven-javadoc-plugin-3.12.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-version: 3.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.11 to 2.42.13
62de08b 
Bumps software.amazon.awssdk:sts from 2.42.11 to 2.42.13.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4645 from kubernetes-client/dependabot/maven/org.…
7b510b2 
…apache.maven.plugins-maven-javadoc-plugin-3.12.0

build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to 3.12.0
@k8s-ci-robot
Merge pull request #4647 from kubernetes-client/dependabot/maven/soft…
832b20e 
…ware.amazon.awssdk-sts-2.42.13

build(deps): bump software.amazon.awssdk:sts from 2.42.11 to 2.42.13
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.13 to 2.42.14
6eb3531 
Bumps software.amazon.awssdk:sts from 2.42.13 to 2.42.14.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4650 from kubernetes-client/dependabot/maven/soft…
5c1a23e 
…ware.amazon.awssdk-sts-2.42.14

build(deps): bump software.amazon.awssdk:sts from 2.42.13 to 2.42.14
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.14 to 2.42.15
caece96 
Bumps software.amazon.awssdk:sts from 2.42.14 to 2.42.15.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4651 from kubernetes-client/dependabot/maven/soft…
f0c35b4 
…ware.amazon.awssdk-sts-2.42.15

build(deps): bump software.amazon.awssdk:sts from 2.42.14 to 2.42.15
@dependabot
build(deps): bump com.diffplug.spotless:spotless-maven-plugin
1e14663 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@lib/3.3.0...maven/3.4.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.15 to 2.42.16
9813c80 
Bumps software.amazon.awssdk:sts from 2.42.15 to 2.42.16.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4652 from kubernetes-client/dependabot/maven/com.…
c51b0e5 
…diffplug.spotless-spotless-maven-plugin-3.4.0

build(deps): bump com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0
@k8s-ci-robot
Merge pull request #4653 from kubernetes-client/dependabot/maven/soft…
52c5d65 
…ware.amazon.awssdk-sts-2.42.16

build(deps): bump software.amazon.awssdk:sts from 2.42.15 to 2.42.16
@dependabot
build(deps): bump spring.boot.version from 4.0.3 to 4.0.4
a2d2ec1 
Bumps `spring.boot.version` from 4.0.3 to 4.0.4.

Updates `org.springframework.boot:spring-boot` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.3...v4.0.4)

Updates `org.springframework.boot:spring-boot-autoconfigure` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.3...v4.0.4)

Updates `org.springframework.boot:spring-boot-actuator` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.3...v4.0.4)

Updates `org.springframework.boot:spring-boot-test` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.3...v4.0.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot
  dependency-version: 4.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-autoconfigure
  dependency-version: 4.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-actuator
  dependency-version: 4.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.boot:spring-boot-test
  dependency-version: 4.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.16 to 2.42.18
d15fe2c 
Bumps software.amazon.awssdk:sts from 2.42.16 to 2.42.18.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps): bump com.google.protobuf:protobuf-java
92fc540 
Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.34.0 to 4.34.1.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: com.google.protobuf:protobuf-java
  dependency-version: 4.34.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps): bump jackson.version from 2.21.1 to 2.21.2
427506e 
Bumps `jackson.version` from 2.21.1 to 2.21.2.

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.21.1 to 2.21.2
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.21.1 to 2.21.2
- [Commits](FasterXML/jackson-core@jackson-core-2.21.1...jackson-core-2.21.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-version: 2.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4655 from kubernetes-client/dependabot/maven/spri…
f43402e 
…ng.boot.version-4.0.4

build(deps): bump spring.boot.version from 4.0.3 to 4.0.4
@k8s-ci-robot
Merge pull request #4658 from kubernetes-client/dependabot/maven/soft…
a60fd12 
…ware.amazon.awssdk-sts-2.42.18

build(deps): bump software.amazon.awssdk:sts from 2.42.16 to 2.42.18
@k8s-ci-robot
Merge pull request #4659 from kubernetes-client/dependabot/maven/com.…
9ccbb72 
…google.protobuf-protobuf-java-4.34.1

build(deps): bump com.google.protobuf:protobuf-java from 4.34.0 to 4.34.1
@k8s-ci-robot
Merge pull request #4660 from kubernetes-client/dependabot/maven/jack…
e13649a 
…son.version-2.21.2

build(deps): bump jackson.version from 2.21.1 to 2.21.2
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.18 to 2.42.19
98d3d81 
Bumps software.amazon.awssdk:sts from 2.42.18 to 2.42.19.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4663 from kubernetes-client/dependabot/maven/soft…
8287ee4 
…ware.amazon.awssdk-sts-2.42.19

build(deps): bump software.amazon.awssdk:sts from 2.42.18 to 2.42.19
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.19 to 2.42.20
5406a53 
Bumps software.amazon.awssdk:sts from 2.42.19 to 2.42.20.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4664 from kubernetes-client/dependabot/maven/soft…
0307c4b 
…ware.amazon.awssdk-sts-2.42.20

build(deps): bump software.amazon.awssdk:sts from 2.42.19 to 2.42.20
@dependabot
build(deps): bump software.amazon.awssdk:sts from 2.42.20 to 2.42.21
84e5672 
Bumps software.amazon.awssdk:sts from 2.42.20 to 2.42.21.

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:sts
  dependency-version: 2.42.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4665 from kubernetes-client/dependabot/maven/soft…
d23567d 
…ware.amazon.awssdk-sts-2.42.21

build(deps): bump software.amazon.awssdk:sts from 2.42.20 to 2.42.21
dependabot Bot and others added 30 commits May 20, 2026 22:51
@dependabot
build(deps): bump spring.version from 6.2.8 to 7.0.7
d21f8ec 
Bumps `spring.version` from 6.2.8 to 7.0.7.

Updates `org.springframework:spring-core` from 6.2.8 to 7.0.7
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.8...v7.0.7)

Updates `org.springframework:spring-aop` from 6.2.8 to 7.0.7
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.8...v7.0.7)

Updates `org.springframework:spring-beans` from 6.2.8 to 7.0.7
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.8...v7.0.7)

Updates `org.springframework:spring-context` from 6.2.8 to 7.0.7
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.8...v7.0.7)

Updates `org.springframework:spring-expression` from 6.2.8 to 7.0.7
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.8...v7.0.7)

Updates `org.springframework:spring-test` from 6.2.8 to 7.0.7
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.8...v7.0.7)

---
updated-dependencies:
- dependency-name: org.springframework:spring-aop
  dependency-version: 7.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.springframework:spring-beans
  dependency-version: 7.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.springframework:spring-context
  dependency-version: 7.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.springframework:spring-core
  dependency-version: 7.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.springframework:spring-expression
  dependency-version: 7.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.springframework:spring-test
  dependency-version: 7.0.7
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Add dependabot Bazel sync workflow
e2cc8fa
Add manual backfill for open Dependabot PR sync
5b66a17
Add manual backfill workflow for open Dependabot PRs
0a03782
Handle paginated Dependabot PR backfill in workflow
00d4245
@k8s-ci-robot
Merge pull request #4780 from kubernetes-client/copilot/resync-bazel-…
51271c3 
…dependencies

Add Dependabot Bazel sync automation with manual backfill for existing PRs
Initial plan
a24ac45
Fix Dependabot Bazel sync workflows
e8ea04b
@dependabot
build(deps): bump github/codeql-action from 4.35.5 to 4.36.0
427ee6d 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.5 to 4.36.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@9e0d7b8...7211b7c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4782 from kubernetes-client/dependabot/github_act…
3dcfb84 
…ions/github/codeql-action-4.36.0

build(deps): bump github/codeql-action from 4.35.5 to 4.36.0
@k8s-ci-robot
Merge pull request #4741 from hwayoungjun/fix/eks-auth-token-refresh
96e468f 
fix: refresh EKS authentication token per request
@k8s-ci-robot
Merge pull request #4781 from kubernetes-client/copilot/fix-sync-open…
01c39b0 
…-dependabot-prs

Fix failing GitHub Actions job sync-open-dependabot-prs
@github-actions
Sync Bazel dependencies for Dependabot update (#4771)
5798043
@k8s-ci-robot
Merge pull request #4779 from hwayoungjun/fix/eks-authentication-401
99cc0b6 
fix: generate valid EKS authentication token payload
@k8s-ci-robot
Merge pull request #4771 from kubernetes-client/dependabot/maven/spri…
f2f0ad9 
…ng.version-7.0.7

build(deps): bump spring.version from 6.2.8 to 7.0.7
@dependabot
build(deps): bump com.google.protobuf:protobuf-java
4998fe0 
Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.34.1 to 4.35.0.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: com.google.protobuf:protobuf-java
  dependency-version: 4.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@github-actions
Sync Bazel dependencies for Dependabot update
ec6012a
@dependabot
build(deps): bump actions/checkout from 6.0.2 to 6.0.3
8e164eb 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...df4cb1c)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps): bump github/codeql-action from 4.36.0 to 4.36.1
f60b298 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@7211b7c...87557b9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4785 from kubernetes-client/dependabot/maven/com.…
57f6a29 
…google.protobuf-protobuf-java-4.35.0

build(deps): bump com.google.protobuf:protobuf-java from 4.34.1 to 4.35.0
@k8s-ci-robot
Merge pull request #4792 from kubernetes-client/dependabot/github_act…
938cc7e 
…ions/actions/checkout-6.0.3

build(deps): bump actions/checkout from 6.0.2 to 6.0.3
@k8s-ci-robot
Merge pull request #4794 from kubernetes-client/dependabot/github_act…
257c00c 
…ions/github/codeql-action-4.36.1

build(deps): bump github/codeql-action from 4.36.0 to 4.36.1
@dependabot
build(deps): bump graalvm/setup-graalvm from 1.5.3 to 1.5.4
f41f2a5 
Bumps [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) from 1.5.3 to 1.5.4.
- [Release notes](https://github.com/graalvm/setup-graalvm/releases)
- [Commits](graalvm/setup-graalvm@bef4b0e...329c42c)

---
updated-dependencies:
- dependency-name: graalvm/setup-graalvm
  dependency-version: 1.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps-dev): bump org.codehaus.gmavenplus:gmavenplus-plugin
dc475c9 
Bumps [org.codehaus.gmavenplus:gmavenplus-plugin](https://github.com/groovy/GMavenPlus) from 4.3.1 to 5.0.0.
- [Release notes](https://github.com/groovy/GMavenPlus/releases)
- [Commits](groovy/GMavenPlus@4.3.1...5.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.gmavenplus:gmavenplus-plugin
  dependency-version: 5.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@k8s-ci-robot
Merge pull request #4793 from kubernetes-client/dependabot/github_act…
26bb4b1 
…ions/graalvm/setup-graalvm-1.5.4

build(deps): bump graalvm/setup-graalvm from 1.5.3 to 1.5.4
@dependabot
build(deps): bump github/codeql-action from 4.36.1 to 4.36.2
bd8b007 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.1 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@87557b9...8aad20d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@brendandburns
fix(util): prevent non-tar copy path traversal
4830041 
Harden Copy non-tar directory copy against path traversal from pod-controlled ls -F output by sanitizing entry names and enforcing destination path containment. Add regression test for traversal and positive test for safe entries.
@k8s-ci-robot
Merge pull request #4798 from kubernetes-client/fix/copy-nontar-path-…
816ea24 
…traversal

fix(util): prevent non-tar copy path traversal
@k8s-ci-robot
Merge pull request #4795 from kubernetes-client/dependabot/maven/org.…
7b61512 
…codehaus.gmavenplus-gmavenplus-plugin-5.0.0

build(deps-dev): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.1 to 5.0.0
@k8s-ci-robot
Merge pull request #4797 from kubernetes-client/dependabot/github_act…
6342c61 
…ions/github/codeql-action-4.36.2

build(deps): bump github/codeql-action from 4.36.1 to 4.36.2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@yinchongbing @k8s-ci-robot @brendandburns @yue9944882 @YuqiGuo105 @hwayoungjun