Bump org.eclipse.jgit:org.eclipse.jgit from 7.6.0.202603022253-r to 7.7.0.202606012155-r by dependabot[bot] · Pull Request #351 · project-ncl/reqour

dependabot · 2026-06-16T22:43:05Z

Bumps org.eclipse.jgit:org.eclipse.jgit from 7.6.0.202603022253-r to 7.7.0.202606012155-r.

Commits

e15d659 JGit v7.7.0.202606012155-r
16df208 Merge branch 'master' into stable-7.7
a6a41b9 Merge branch 'stable-7.6'
84486f7 Merge branch 'stable-7.5' into stable-7.6
ee07d2b Merge branch 'stable-7.4' into stable-7.5
b6ab654 Merge branch 'stable-7.3' into stable-7.4
305fbee Merge branch 'stable-7.2' into stable-7.3
dd1d7b0 Merge branch 'stable-7.1' into stable-7.2
49b2a10 Merge branch 'stable-7.0' into stable-7.1
957ef28 Merge branch 'stable-6.10' into stable-7.0
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.eclipse.jgit:org.eclipse.jgit](https://github.com/eclipse-jgit/jgit) from 7.6.0.202603022253-r to 7.7.0.202606012155-r. - [Commits](eclipse-jgit/jgit@v7.6.0.202603022253-r...v7.7.0.202606012155-r) --- updated-dependencies: - dependency-name: org.eclipse.jgit:org.eclipse.jgit dependency-version: 7.7.0.202606012155-r dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-06-16T22:58:31Z

Mend Scan Results

Status: ⚠️ Findings detected

⚠️ SCA findings detected

SCA scan output

36.0.jar
			|-- vertx-grpc-4.5.27.jar
				|-- grpc-netty-1.81.0.jar
					|-- netty-codec-http2-4.1.133.Final.jar [3 MEDIUM]
|-- quarkus-oidc-client-3.36.0.jar
	|-- quarkus-vertx-3.36.0.jar
		|-- netty-codec-haproxy-4.1.133.Final.jar [2 HIGH]
		|-- quarkus-netty-3.36.0.jar
			|-- netty-codec-http2-4.1.133.Final.jar [3 MEDIUM]
				|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
				|-- netty-handler-4.1.133.Final.jar [3 HIGH]
			|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
			|-- netty-handler-4.1.133.Final.jar [3 HIGH]
|-- quarkus-smallrye-fault-tolerance-3.36.0.jar
	|-- smallrye-fault-tolerance-6.11.1.jar
		|-- micrometer-core-1.16.5.jar [2 HIGH]
		|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- smallrye-fault-tolerance-core-6.11.1.jar
			|-- micrometer-core-1.16.5.jar [2 HIGH]
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
|-- quarkus-logging-kafka-3.0.4.jar
	|-- kafka-log4j-appender-3.9.2.jar
		|-- kafka-clients-4.2.0.jar [1 MEDIUM]
		|-- slf4j-reload4j-1.7.36.jar
			|-- reload4j-1.2.19.jar [1 MEDIUM]
|-- pnc-common-3.5.0-jakarta.jar
	|-- opentelemetry-ext-cli-java-2.0.0.jar
		|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-sdk-1.60.1.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-sdk-common-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-sdk-trace-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-semconv-1.29.0-alpha.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
	|-- jsoup-1.22.2.jar
		|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
		|-- netty-handler-4.1.133.Final.jar [3 HIGH]
reqour-rest-3.5.3-SNAPSHOT.jar
|-- quarkus-micrometer-opentelemetry-3.36.0.jar
	|-- opentelemetry-micrometer-1.5-2.26.1-alpha.jar
		|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
	|-- quarkus-micrometer-3.36.0.jar
		|-- micrometer-core-1.16.5.jar [2 HIGH]
			|-- kafka-clients-4.2.0.jar [1 MEDIUM]
		|-- kafka-clients-4.2.0.jar [1 MEDIUM]
	|-- quarkus-opentelemetry-3.36.0.jar
		|-- opentelemetry-instrumentation-annotations-support-2.26.1-alpha.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-instrumentation-annotations-2.26.1.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-instrumentation-api-2.26.1.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-jdbc-2.26.1-alpha.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-runtime-telemetry-java17-2.26.1-alpha.jar
			|-- opentelemetry-runtime-telemetry-2.26.1-alpha.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-api-incubator-1.60.1-alpha.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-exporter-otlp-common-1.60.1.jar
			|-- opentelemetry-exporter-common-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-exporter-otlp-1.60.1.jar
			|-- opentelemetry-sdk-logs-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-sdk-metrics-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-sdk-trace-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- opentelemetry-sdk-1.60.1.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-sdk-common-1.60.1.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- quarkus-grpc-common-3.36.0.jar
			|-- vertx-grpc-4.5.27.jar
				|-- grpc-netty-1.81.0.jar
					|-- netty-codec-http2-4.1.133.Final.jar [3 MEDIUM]
|-- quarkus-oidc-3.36.0.jar
	|-- quarkus-vertx-3.36.0.jar
		|-- netty-codec-haproxy-4.1.133.Final.jar [2 HIGH]
		|-- quarkus-netty-3.36.0.jar
			|-- netty-codec-http2-4.1.133.Final.jar [3 MEDIUM]
				|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
				|-- netty-handler-4.1.133.Final.jar [3 HIGH]
			|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
			|-- netty-handler-4.1.133.Final.jar [3 HIGH]
|-- quarkus-rest-jackson-3.36.0.jar
	|-- quarkus-rest-3.36.0.jar
		|-- quarkus-virtual-threads-3.36.0.jar
			|-- vertx-core-4.5.27.jar
				|-- netty-codec-haproxy-4.1.133.Final.jar [2 HIGH]
				|-- netty-codec-http2-4.1.133.Final.jar [3 MEDIUM]
				|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
				|-- netty-handler-proxy-4.1.133.Final.jar
					|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
					|-- netty-handler-4.1.133.Final.jar [3 HIGH]
				|-- netty-handler-4.1.133.Final.jar [3 HIGH]
				|-- netty-resolver-dns-4.1.133.Final.jar [2 HIGH, 1 MEDIUM]
					|-- netty-handler-4.1.133.Final.jar [3 HIGH]
|-- reqour-core-3.5.3-SNAPSHOT.jar
	|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
		|-- netty-handler-4.1.133.Final.jar [3 HIGH]
	|-- quarkus-smallrye-fault-tolerance-3.36.0.jar
		|-- smallrye-fault-tolerance-6.11.1.jar
			|-- micrometer-core-1.16.5.jar [2 HIGH]
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- smallrye-fault-tolerance-core-6.11.1.jar
				|-- micrometer-core-1.16.5.jar [2 HIGH]
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
	|-- quarkus-logging-kafka-3.0.4.jar
		|-- kafka-log4j-appender-3.9.2.jar
			|-- kafka-clients-4.2.0.jar [1 MEDIUM]
			|-- slf4j-reload4j-1.7.36.jar
				|-- reload4j-1.2.19.jar [1 MEDIUM]
	|-- pnc-common-3.5.0-jakarta.jar
		|-- opentelemetry-ext-cli-java-2.0.0.jar
			|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
			|-- opentelemetry-semconv-1.29.0-alpha.jar
				|-- opentelemetry-api-1.60.1.jar [1 MEDIUM]
		|-- jsoup-1.22.2.jar
			|-- netty-codec-http-4.1.133.Final.jar [1 MEDIUM]
			|-- netty-handler-4.1.133.Final.jar [3 HIGH]


No Policy violations were detected

Project 'reqour' was updated, for more information, visit the Mend platform: https://ibmets.whitesourcesoftware.com/app/orgs/Enterprise%20Applications/applications/summary?project=f431aad9-9460-46b3-b3eb-677bf83ee360
Or the Core UI: https://ibmets.whitesourcesoftware.com/Wss/WSS.html#!project;token=422537de190243159a22de2ea487cb28df2e499972f34f1481f455b690290cb7

Mend AI scan succeeded.

Support Token: 36200d49c2cfb48ad806d20a337872b131781650667238

SAST scan output

*no findings*

Full logs and artifacts

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jun 16, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump org.eclipse.jgit:org.eclipse.jgit from 7.6.0.202603022253-r to 7.7.0.202606012155-r#351

Bump org.eclipse.jgit:org.eclipse.jgit from 7.6.0.202603022253-r to 7.7.0.202606012155-r#351
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/org.eclipse.jgit-org.eclipse.jgit-7.7.0.202606012155-r

dependabot Bot commented on behalf of github Jun 16, 2026

Uh oh!

github-actions Bot commented Jun 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 16, 2026

Uh oh!

github-actions Bot commented Jun 16, 2026

Mend Scan Results

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants