Bump com.github.dasniko:testcontainers-keycloak from 2.5.0 to 4.2.1

[dependabot]

Bumps com.github.dasniko:testcontainers-keycloak from 2.5.0 to 4.2.1.

Release notes

Sourced from com.github.dasniko:testcontainers-keycloak's releases.

v4.2.1

What's Changed

• update Keycloak admin client to version 26.0.9

Full Changelog: dasniko/testcontainers-keycloak@v4.2.0...v4.2.1

v4.2.0

Noteable Changes

I've deprecated the default no-args constructor, as the behavior will most likely change in future (starting with KC v27). So, it's recommended that you always specify explicitly the image which you are running your tests against!

Additionally, I've also deprecated for removal some more-or-less internal methods (withNightly and getKeycloakDefaultVersion), they were never officially documented. Most likely they will be removed in the future.

What's Changed

• chore(deps-dev): bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @​dependabot[bot] in dasniko/testcontainers-keycloak#266
• chore(deps-dev): bump junit-jupiter.version from 6.0.1 to 6.0.2 by @​dependabot[bot] in dasniko/testcontainers-keycloak#264
• chore(deps): bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @​dependabot[bot] in dasniko/testcontainers-keycloak#265
• chore(deps-dev): bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @​dependabot[bot] in dasniko/testcontainers-keycloak#271
• chore(deps-dev): bump net.datafaker:datafaker from 2.5.3 to 2.5.4 by @​dependabot[bot] in dasniko/testcontainers-keycloak#275
• chore(deps-dev): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-impl-maven-archive from 3.3.4 to 3.3.5 by @​dependabot[bot] in dasniko/testcontainers-keycloak#277
• chore(deps-dev): bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.32 by @​dependabot[bot] in dasniko/testcontainers-keycloak#278
• chore(deps-dev): bump jackson.version from 2.21.0 to 2.21.1 by @​dependabot[bot] in dasniko/testcontainers-keycloak#279
• chore(deps-dev): bump junit-jupiter.version from 6.0.2 to 6.0.3 by @​dependabot[bot] in dasniko/testcontainers-keycloak#276
• chore(deps-dev): bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.4 to 3.5.5 by @​dependabot[bot] in dasniko/testcontainers-keycloak#280
• chore(deps-dev): bump jackson.version from 2.21.1 to 2.21.2 by @​dependabot[bot] in dasniko/testcontainers-keycloak#281
• docs: restructure and extend README by @​dasniko in dasniko/testcontainers-keycloak#283
• Mark default constructor as deprecated by @​dasniko in dasniko/testcontainers-keycloak#284
• add customizable image pull policy with 24h default refresh by @​dasniko in dasniko/testcontainers-keycloak#289
• chore: bump crazy-max/ghaction-import-gpg from 6 to 7 by @​dependabot[bot] in dasniko/testcontainers-keycloak#290

Full Changelog: dasniko/testcontainers-keycloak@v4.1.1...v4.2.0

v4.1.1

What's Changed

• Updated the keycloak-admin-client to 26.0.8, which is aligned to default server version 26.5.

Full Changelog: dasniko/testcontainers-keycloak@v4.1.0...v4.1.1

v4.1.0

What's New

Nothing new, just use Keycloak v26.5 as default container version.

What's Changed

• fix: Wait for log output "Listening..." to wait until optional imports are done by @​marbon87 in dasniko/testcontainers-keycloak#258
• chore(deps-dev): bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.23 by @​dependabot[bot] in dasniko/testcontainers-keycloak#263
• chore(deps-dev): bump io.rest-assured:rest-assured from 5.5.6 to 6.0.0 by @​dependabot[bot] in dasniko/testcontainers-keycloak#261

New Contributors

• @​marbon87 made their first contribution in dasniko/testcontainers-keycloak#258

... (truncated)

Commits

• 7dbffab update Keycloak admin client to version 26.0.9
• bdf18fd don't publish generated release notes automatically
• f0d6de5 prepare for 4.2 release by updating keycloak dependencies and version
• c3b1893 chore: bump testcontainers.version to 2.0.4
• f1b3241 improve Maven deploy configuration
• 2f0ca0c chore: bump crazy-max/ghaction-import-gpg from 6 to 7 (#290)
• b9f52dd add pull request template
• ce04109 add CONTRIBUTING.md
• a687df5 add customizable image pull policy with 24h default refresh (#289)
• be3b434 improve README SEO: richer intro and clearer feature flags heading
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Mend Scan Results

Status: ⚠️ Findings detected

⚠️ SCA findings detected

⚠️ SAST findings detected

SCA scan output

EDIUM]
			|-- opentelemetry-sdk-common-1.58.0.jar
				|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
		|-- opentelemetry-semconv-1.29.0-alpha.jar
			|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
	|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
|-- rest-api-3.6.0-SNAPSHOT-java-client-jakarta.jar
	|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
|-- rest-client-3.6.0-SNAPSHOT-jakarta.jar
	|-- vertx-core-3.9.14.jar [1 MEDIUM]
		|-- netty-codec-http2-4.2.9.Final.jar [2 HIGH, 3 MEDIUM]
			|-- netty-codec-compression-4.2.9.Final.jar [1 HIGH]
			|-- netty-codec-http-4.2.9.Final.jar [3 HIGH, 5 MEDIUM]
			|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
		|-- netty-codec-http-4.2.9.Final.jar [3 HIGH, 5 MEDIUM]
			|-- netty-codec-compression-4.2.9.Final.jar [1 HIGH]
			|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
		|-- netty-handler-proxy-4.2.9.Final.jar [1 MEDIUM]
			|-- netty-codec-http-4.2.9.Final.jar [3 HIGH, 5 MEDIUM]
			|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
		|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
		|-- netty-resolver-dns-4.2.9.Final.jar [2 HIGH, 1 MEDIUM]
			|-- netty-codec-dns-4.2.9.Final.jar [1 HIGH]
			|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
rest-client-3.6.0-SNAPSHOT.jar
|-- vertx-core-3.9.14.jar [1 MEDIUM]
	|-- netty-codec-http2-4.2.9.Final.jar [2 HIGH, 3 MEDIUM]
		|-- netty-codec-compression-4.2.9.Final.jar [1 HIGH]
		|-- netty-codec-http-4.2.9.Final.jar [3 HIGH, 5 MEDIUM]
		|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
	|-- netty-codec-http-4.2.9.Final.jar [3 HIGH, 5 MEDIUM]
		|-- netty-codec-compression-4.2.9.Final.jar [1 HIGH]
		|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
	|-- netty-handler-proxy-4.2.9.Final.jar [1 MEDIUM]
		|-- netty-codec-http-4.2.9.Final.jar [3 HIGH, 5 MEDIUM]
		|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
	|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
	|-- netty-resolver-dns-4.2.9.Final.jar [2 HIGH, 1 MEDIUM]
		|-- netty-codec-dns-4.2.9.Final.jar [1 HIGH]
		|-- netty-handler-4.1.77.Final-redhat-00001.jar [4 HIGH, 1 MEDIUM]
|-- common-3.6.0-SNAPSHOT.jar
	|-- opentelemetry-instrumentation-annotations-2.24.0.jar
		|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
|-- dto-3.6.0-SNAPSHOT-patch-builders.jar
	|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
	|-- pnc-api-3.5.0.jar
		|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
|-- rest-api-3.6.0-SNAPSHOT-java-client.jar
	|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
	|-- dto-3.6.0-SNAPSHOT.jar
		|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
spi-3.6.0-SNAPSHOT.jar
|-- opentelemetry-instrumentation-annotations-2.24.0.jar
	|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
|-- dto-3.6.0-SNAPSHOT.jar
	|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
	|-- pnc-api-3.5.0.jar
		|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
|-- model-3.6.0-SNAPSHOT.jar
	|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
	|-- pnc-common-3.4.0.jar
		|-- opentelemetry-ext-cli-java-1.5.0.jar
			|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
			|-- opentelemetry-exporter-otlp-1.58.0.jar
				|-- opentelemetry-exporter-sender-okhttp-1.58.0.jar
					|-- opentelemetry-exporter-common-1.58.0.jar
						|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
				|-- opentelemetry-sdk-logs-1.58.0.jar
					|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
				|-- opentelemetry-sdk-trace-1.58.0.jar
					|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
			|-- opentelemetry-sdk-1.58.0.jar
				|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
				|-- opentelemetry-sdk-common-1.58.0.jar
					|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
				|-- opentelemetry-sdk-metrics-1.58.0.jar
					|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
			|-- opentelemetry-semconv-1.29.0-alpha.jar
				|-- opentelemetry-api-1.12.0.redhat-00001.jar [1 MEDIUM]
		|-- hibernate-validator-6.0.23.Final-redhat-00001.jar [1 HIGH]
test-common-3.6.0-SNAPSHOT.jar
|-- shrinkwrap-resolver-impl-maven-archive-3.3.4.jar
	|-- guice-5.1.0.jar
		|-- guava-30.1.0.redhat-00001.jar [1 MEDIUM, 1 LOW]
	|-- plexus-compiler-javac-2.15.0.jar
		|-- plexus-compiler-api-2.15.0.jar
			|-- plexus-utils-3.5.1.jar [1 HIGH]
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- plexus-utils-3.5.1.jar [1 HIGH]
|-- shrinkwrap-resolver-impl-maven-3.3.4.jar
	|-- guava-30.1.0.redhat-00001.jar [1 MEDIUM, 1 LOW]
	|-- maven-model-builder-3.9.9.jar
		|-- guava-30.1.0.redhat-00001.jar [1 MEDIUM, 1 LOW]
		|-- maven-artifact-3.9.9.jar
			|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- maven-model-3.9.9.jar
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- maven-repository-metadata-3.9.9.jar
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- maven-resolver-provider-3.9.9.jar
		|-- guava-30.1.0.redhat-00001.jar [1 MEDIUM, 1 LOW]
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- maven-settings-builder-3.9.9.jar
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- maven-settings-3.9.9.jar
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- plexus-sec-dispatcher-2.0.jar
		|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- plexus-utils-3.5.1.jar [1 HIGH]
	|-- org.eclipse.sisu.plexus-0.9.0.M3.jar
		|-- plexus-utils-3.5.1.jar [1 HIGH]
		|-- plexus-xml-3.0.1.jar
			|-- plexus-utils-3.5.1.jar [1 HIGH]


No Policy violations were detected

Project 'pnc' was updated, for more information, visit the Mend platform: https://ibmets.whitesourcesoftware.com/app/orgs/Enterprise%20Applications/applications/summary?project=0225ec74-4391-4ac9-bfb5-714664caa6bb
Or the Core UI: https://ibmets.whitesourcesoftware.com/Wss/WSS.html#!project;token=c9f6fd516a5241de98250adf2d7ea547bc93772d823b4ff28dd89e6f18810351

Mend AI scan succeeded.

Support Token: 3b4ef9444bb734c63ba3e1f5f70fbf7d91781556499686

SAST scan output

warning: 'error' method of 'org.slf4j.Logger' object could be abused to perform a Log Injection attack. User input reached a Log4j sink. (mapper/src/main/java/org/jboss/pnc/mapper/abstracts/AbstractArtifactMapper.java:92)

Full logs and artifacts