Skip to content

Merge from upstream#4

Merged
fgibelin merged 46 commits intofgibelin:masterfrom
OWASP-Benchmark:master
Apr 14, 2026
Merged

Merge from upstream#4
fgibelin merged 46 commits intofgibelin:masterfrom
OWASP-Benchmark:master

Conversation

@fgibelin
Copy link
Copy Markdown
Owner

@fgibelin fgibelin commented Apr 14, 2026

No description provided.

Dave Wichers and others added 30 commits January 13, 2026 17:40
Make database helper method private since not intended to be used by
89214f7 
test cases.
@dependabot
Bump com.fasterxml.jackson.core:jackson-databind from 2.20.1 to 2.21.0
e9f8ac9 
Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.20.1 to 2.21.0.
- [Commits](https://github.com/FasterXML/jackson/commits)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump org.codehaus.mojo:versions-maven-plugin from 2.20.1 to 2.21.0
7638712 
Bumps [org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions) from 2.20.1 to 2.21.0.
- [Release notes](https://github.com/mojohaus/versions/releases)
- [Changelog](https://github.com/mojohaus/versions/blob/master/ReleaseNotes.md)
- [Commits](mojohaus/versions@2.20.1...2.21.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:versions-maven-plugin
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #413 from OWASP-Benchmark/dependabot/maven/com.fas…
54b2970 
…terxml.jackson.core-jackson-databind-2.21.0

Bump com.fasterxml.jackson.core:jackson-databind from 2.20.1 to 2.21.0
@davewichers
Merge pull request #414 from OWASP-Benchmark/dependabot/maven/org.cod…
eadf004 
…ehaus.mojo-versions-maven-plugin-2.21.0

Bump org.codehaus.mojo:versions-maven-plugin from 2.20.1 to 2.21.0
@dependabot
Bump com.diffplug.spotless:spotless-maven-plugin from 3.1.0 to 3.2.0
f63d410 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@lib/3.1.0...lib/3.2.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #415 from OWASP-Benchmark/dependabot/maven/com.dif…
3e382ec 
…fplug.spotless-spotless-maven-plugin-3.2.0

Bump com.diffplug.spotless:spotless-maven-plugin from 3.1.0 to 3.2.0
@dependabot
Bump com.diffplug.spotless:spotless-maven-plugin from 3.2.0 to 3.2.1
b66269f 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@lib/3.2.0...maven/3.2.1)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.2.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #416 from OWASP-Benchmark/dependabot/maven/com.dif…
6928628 
…fplug.spotless-spotless-maven-plugin-3.2.1

Bump com.diffplug.spotless:spotless-maven-plugin from 3.2.0 to 3.2.1
@dependabot
Bump commons-codec:commons-codec from 1.20.0 to 1.21.0
ab0b0ce 
Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.20.0 to 1.21.0.
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-codec@rel/commons-codec-1.20.0...rel/commons-codec-1.21.0)

---
updated-dependencies:
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #417 from OWASP-Benchmark/dependabot/maven/commons…
5592306 
…-codec-commons-codec-1.21.0

Bump commons-codec:commons-codec from 1.20.0 to 1.21.0
@dependabot
Bump org.apache.maven.plugins:maven-compiler-plugin
30b3409 
Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.14.1 to 3.15.0.
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.1...maven-compiler-plugin-3.15.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #418 from OWASP-Benchmark/dependabot/maven/org.apa…
0bb22b1 
…che.maven.plugins-maven-compiler-plugin-3.15.0

Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0
Minor code cleanup to one method in Utils and removal of some commented
72cf655 
out printlns.
Merge branch 'master' of https://github.com/OWASP-Benchmark/Benchmark…
3f0c7a4 
…Java
Eliminate some unintended vulns in the test cases.
e6e9c2e
Clean up .gitignore
6f368bf
@dependabot
Bump org.apache.maven.plugins:maven-dependency-plugin
ee05ba5 
Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/apache/maven-dependency-plugin/releases)
- [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-3.9.0...maven-dependency-plugin-3.10.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-dependency-plugin
  dependency-version: 3.10.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #420 from OWASP-Benchmark/dependabot/maven/org.apa…
964b9e0 
…che.maven.plugins-maven-dependency-plugin-3.10.0

Bump org.apache.maven.plugins:maven-dependency-plugin from 3.9.0 to 3.10.0
@dependabot
Bump org.apache.httpcomponents.core5:httpcore5 from 5.4 to 5.4.1
a52ca05 
Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.4 to 5.4.1.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.4.1/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.4...rel/v5.4.1)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-version: 5.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #421 from OWASP-Benchmark/dependabot/maven/org.apa…
e960c73 
…che.httpcomponents.core5-httpcore5-5.4.1

Bump org.apache.httpcomponents.core5:httpcore5 from 5.4 to 5.4.1
Add jaxb dependencies removed post Java 11 and upgrade Tomcat.
12ee735
@dependabot
Bump com.fasterxml.jackson.core:jackson-databind from 2.21.0 to 2.21.1
7e3eb02 
Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.21.0 to 2.21.1.
- [Commits](https://github.com/FasterXML/jackson/commits)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.4 to 3.5.5
82ade7f 
Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.5.4 to 3.5.5.
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.4...surefire-3.5.5)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #428 from OWASP-Benchmark/dependabot/maven/com.fas…
3299c0d 
…terxml.jackson.core-jackson-databind-2.21.1

Bump com.fasterxml.jackson.core:jackson-databind from 2.21.0 to 2.21.1
@davewichers
Merge pull request #429 from OWASP-Benchmark/dependabot/maven/org.apa…
9a469fe 
…che.maven.plugins-maven-surefire-plugin-3.5.5

Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.4 to 3.5.5
@dependabot
Bump actions/upload-artifact from 6 to 7
9c4bec0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v6...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump com.diffplug.spotless:spotless-maven-plugin from 3.2.1 to 3.3.0
8631f2c 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@maven/3.2.1...lib/3.3.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0
2f0edc6 
Bumps [org.apache.maven.plugins:maven-resources-plugin](https://github.com/apache/maven-resources-plugin) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/apache/maven-resources-plugin/releases)
- [Commits](apache/maven-resources-plugin@v3.4.0...maven-resources-plugin-3.5.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-resources-plugin
  dependency-version: 3.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump org.apache.httpcomponents.core5:httpcore5 from 5.4.1 to 5.4.2
ef1d14e 
Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.4.1 to 5.4.2.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.4.2/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.4.1...rel/v5.4.2)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-version: 5.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
davewichers and others added 16 commits March 9, 2026 12:47
@davewichers
Merge pull request #430 from OWASP-Benchmark/dependabot/github_action…
1897fb7 
…s/actions/upload-artifact-7

Bump actions/upload-artifact from 6 to 7
@davewichers
Merge pull request #431 from OWASP-Benchmark/dependabot/maven/com.dif…
c43a046 
…fplug.spotless-spotless-maven-plugin-3.3.0

Bump com.diffplug.spotless:spotless-maven-plugin from 3.2.1 to 3.3.0
@davewichers
Merge pull request #432 from OWASP-Benchmark/dependabot/maven/org.apa…
2bc25ae 
…che.maven.plugins-maven-resources-plugin-3.5.0

Bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0
@davewichers
Merge pull request #433 from OWASP-Benchmark/dependabot/maven/org.apa…
f3828e2 
…che.httpcomponents.core5-httpcore5-5.4.2

Bump org.apache.httpcomponents.core5:httpcore5 from 5.4.1 to 5.4.2
@davewichers
Add devcontainer.json config file for GitHub Codespace configuration.
514e141
@dependabot
Bump org.codehaus.mojo:extra-enforcer-rules from 1.11.0 to 1.12.0
3e010d5 
Bumps [org.codehaus.mojo:extra-enforcer-rules](https://github.com/mojohaus/extra-enforcer-rules) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/mojohaus/extra-enforcer-rules/releases)
- [Commits](mojohaus/extra-enforcer-rules@1.11.0...1.12.0)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:extra-enforcer-rules
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0
a5ff7ad 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@lib/3.3.0...maven/3.4.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump com.fasterxml.jackson.core:jackson-databind from 2.21.1 to 2.21.2
55c6d28 
Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.21.1 to 2.21.2.
- [Commits](https://github.com/FasterXML/jackson/commits)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #436 from OWASP-Benchmark/dependabot/maven/org.cod…
7ac5f70 
…ehaus.mojo-extra-enforcer-rules-1.12.0

Bump org.codehaus.mojo:extra-enforcer-rules from 1.11.0 to 1.12.0
@davewichers
Merge pull request #438 from OWASP-Benchmark/dependabot/maven/com.dif…
63e1007 
…fplug.spotless-spotless-maven-plugin-3.4.0

Bump com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0
@davewichers
Merge pull request #439 from OWASP-Benchmark/dependabot/maven/com.fas…
c180d39 
…terxml.jackson.core-jackson-databind-2.21.2

Bump com.fasterxml.jackson.core:jackson-databind from 2.21.1 to 2.21.2
@dependabot
Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.8.2 to 4.9.8.3
b389dd5 
Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.9.8.2 to 4.9.8.3.
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.2...spotbugs-maven-plugin-4.9.8.3)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.9.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #442 from OWASP-Benchmark/dependabot/maven/com.git…
c6e642e 
…hub.spotbugs-spotbugs-maven-plugin-4.9.8.3

Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.8.2 to 4.9.8.3
@dependabot
Bump org.codehaus.cargo:cargo-maven3-plugin from 1.10.26 to 1.10.27
a177e09 
Bumps org.codehaus.cargo:cargo-maven3-plugin from 1.10.26 to 1.10.27.

---
updated-dependencies:
- dependency-name: org.codehaus.cargo:cargo-maven3-plugin
  dependency-version: 1.10.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@davewichers
Merge pull request #443 from OWASP-Benchmark/dependabot/maven/org.cod…
5aef631 
…ehaus.cargo-cargo-maven3-plugin-1.10.27

Bump org.codehaus.cargo:cargo-maven3-plugin from 1.10.26 to 1.10.27
@davewichers
Remove deprecated JVM parameter when starting Tomcat and update licen…
b7b159c 
…se in openapi spec file.
@fgibelin fgibelin merged commit e70034e into fgibelin:master Apr 14, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fgibelin @davewichers