Dbacld 213393 CVE 2026 24400 assertj core 3.14.0#1577
Merged
akumar074 merged 2 commits intokiegroup:7.67.x-bluefrom Mar 30, 2026
Merged
Conversation
added 2 commits
March 25, 2026 16:00
Author
|
This PR is the fix for FDB failure in kiegroup/droolsjbpm-build-bootstrap#2636 |
akumar074
approved these changes
Mar 30, 2026
Member
|
Merging this PR as FDB test failures are unrelated. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Update assertj-core version to 3.27.7 to fix GHSA-rqfh-9r24-8c9r
Closes https://jsw.ibm.com/browse/DBACLD-213393
referenced Pull Requests: (please edit the URLs of referenced pullrequests if they exist)
How to replicate CI configuration locally?
Build Chain tool does "simple" maven build(s), the builds are just Maven commands, but because the repositories relates and depends on each other and any change in API or class method could affect several of those repositories there is a need to use build-chain tool to handle cross repository builds and be sure that we always use latest version of the code for each repository.
build-chain tool is a build tool which can be used on command line locally or in Github Actions workflow(s), in case you need to change multiple repositories and send multiple dependent pull requests related with a change you can easily reproduce the same build by executing it on Github hosted environment or locally in your development environment. See local execution details to get more information about it.
How to retest this PR or trigger a specific build:
a pull request please add comment: Jenkins retest this
a full downstream build please add comment: Jenkins run fdb
a compile downstream build please add comment: Jenkins run cdb
a full production downstream build please add comment: Jenkins execute product fdb
an upstream build please add comment: Jenkins run upstream
How to backport a pull request to a different branch?
In order to automatically create a backporting pull request please add one or more labels having the following format
backport-<branch-name>, where<branch-name>is the name of the branch where the pull request must be backported to (e.g.,backport-7.67.xto backport the original PR to the7.67.xbranch).Once the original pull request is successfully merged, the automated action will create one backporting pull request per each label (with the previous format) that has been added.
If something goes wrong, the author will be notified and at this point a manual backporting is needed.