Resolve merge conflicts by nscuro · Pull Request #17 · lmco/hyades-apiserver

nscuro · 2025-07-27T14:19:25Z

Description

Pulls in the latest changes from main and resolves merge conflicts.

Addressed Issue

DependencyTrack#1325

Additional Details

N/A

Checklist

I have read and understand the contributing guidelines
~~This PR fixes a defect, and I have provided tests to verify that the fix is effective~~
~~This PR implements an enhancement, and I have provided tests to verify that it works as intended~~
~~This PR introduces changes to the database model, and I have updated the migration changelog accordingly~~
~~This PR introduces new or alters existing behavior, and I have updated the documentation accordingly~~

Bumps [io.swagger.parser.v3:swagger-parser](https://github.com/swagger-api/swagger-parser) from 2.1.30 to 2.1.31. - [Release notes](https://github.com/swagger-api/swagger-parser/releases) - [Commits](swagger-api/swagger-parser@v2.1.30...v2.1.31) --- updated-dependencies: - dependency-name: io.swagger.parser.v3:swagger-parser dependency-version: 2.1.31 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.18.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps `lib.liquibase.version` from 4.32.0 to 4.33.0. Updates `org.liquibase:liquibase-core` from 4.32.0 to 4.33.0 - [Release notes](https://github.com/liquibase/liquibase/releases) - [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt) - [Commits](liquibase/liquibase@v4.32.0...v4.33.0) Updates `org.liquibase:liquibase-maven-plugin` from 4.32.0 to 4.33.0 - [Release notes](https://github.com/liquibase/liquibase/releases) - [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt) - [Commits](liquibase/liquibase@v4.32.0...v4.33.0) --- updated-dependencies: - dependency-name: org.liquibase:liquibase-core dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.liquibase:liquibase-maven-plugin dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

…quibase.version-4.33.0

…ache.commons-commons-lang3-3.18.0

…gger.parser.v3-swagger-parser-2.1.31

Bumps [com.github.ben-manes.caffeine:caffeine](https://github.com/ben-manes/caffeine) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/ben-manes/caffeine/releases) - [Commits](ben-manes/caffeine@v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: com.github.ben-manes.caffeine:caffeine dependency-version: 3.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps `lib.micrometer.version` from 1.15.1 to 1.15.2. Updates `io.micrometer:micrometer-registry-prometheus` from 1.15.1 to 1.15.2 - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](micrometer-metrics/micrometer@v1.15.1...v1.15.2) Updates `io.micrometer:micrometer-registry-prometheus-simpleclient` from 1.15.1 to 1.15.2 - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](micrometer-metrics/micrometer@v1.15.1...v1.15.2) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-registry-prometheus dependency-version: 1.15.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.micrometer:micrometer-registry-prometheus-simpleclient dependency-version: 1.15.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…thub.ben-manes.caffeine-caffeine-3.2.2

…crometer.version-1.15.2

Signed-off-by: nscuro <[email protected]>

The result set doesn't contain any duplicate rows, no need to de-duplicate. Signed-off-by: nscuro <[email protected]>

Bumps com.google.cloud.sql:postgres-socket-factory from 1.25.1 to 1.25.2. --- updated-dependencies: - dependency-name: com.google.cloud.sql:postgres-socket-factory dependency-version: 1.25.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…ogle.cloud.sql-postgres-socket-factory-1.25.2

…ter-concise-endpoint

Bumps org.openapitools:openapi-generator-maven-plugin from 7.13.0 to 7.14.0. --- updated-dependencies: - dependency-name: org.openapitools:openapi-generator-maven-plugin dependency-version: 7.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps org.apache.maven:maven-artifact from 3.9.10 to 3.9.11. --- updated-dependencies: - dependency-name: org.apache.maven:maven-artifact dependency-version: 3.9.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…enapitools-openapi-generator-maven-plugin-7.14.0

…ache.maven-maven-artifact-3.9.11

Since making all mutating endpoints transactional, there exists a race condition where a BOM upload processing event might be consumed before the creation of the project the BOM was uploaded to got committed. This could cause the BOM processing to fail because the project didn't yet exist. Signed-off-by: nscuro <[email protected]>

Bumps [io.github.ascopes:protobuf-maven-plugin](https://github.com/ascopes/protobuf-maven-plugin) from 3.6.0 to 3.6.1. - [Release notes](https://github.com/ascopes/protobuf-maven-plugin/releases) - [Commits](ascopes/protobuf-maven-plugin@v3.6.0...v3.6.1) --- updated-dependencies: - dependency-name: io.github.ascopes:protobuf-maven-plugin dependency-version: 3.6.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.1 to 2.19.2. - [Commits](FasterXML/jackson-bom@jackson-bom-2.19.1...jackson-bom-2.19.2) --- updated-dependencies: - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.19.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.zaxxer:HikariCP](https://github.com/brettwooldridge/HikariCP) from 6.3.0 to 6.3.1. - [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES) - [Commits](brettwooldridge/HikariCP@HikariCP-6.3.0...HikariCP-6.3.1) --- updated-dependencies: - dependency-name: com.zaxxer:HikariCP dependency-version: 6.3.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 5.13.3 to 5.13.4. - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.3...r5.13.4) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-version: 5.13.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [commons-io:commons-io](https://github.com/apache/commons-io) from 2.19.0 to 2.20.0. - [Changelog](https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-io@rel/commons-io-2.19.0...rel/commons-io-2.20.0) --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

…xxer-HikariCP-6.3.1

…hub.ascopes-protobuf-maven-plugin-3.6.1

…s-io-commons-io-2.20.0

…sterxml.jackson-jackson-bom-2.19.2

Bumps [stoplightio/spectral-action](https://github.com/stoplightio/spectral-action) from 0.8.12 to 0.8.13. - [Release notes](https://github.com/stoplightio/spectral-action/releases) - [Commits](stoplightio/spectral-action@577bade...6416fd0) --- updated-dependencies: - dependency-name: stoplightio/spectral-action dependency-version: 0.8.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…nit-junit-bom-5.13.4

…ns/stoplightio/spectral-action-0.8.13

Signed-off-by: nscuro <[email protected]>

Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 11.26 to 11.26.1. - [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt) - [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.26.1..11.26) --- updated-dependencies: - dependency-name: com.nimbusds:oauth2-oidc-sdk dependency-version: 11.26.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.zaxxer:HikariCP](https://github.com/brettwooldridge/HikariCP) from 6.3.1 to 6.3.2. - [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES) - [Commits](brettwooldridge/HikariCP@HikariCP-6.3.1...HikariCP-6.3.2) --- updated-dependencies: - dependency-name: com.zaxxer:HikariCP dependency-version: 6.3.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…xxer-HikariCP-6.3.2

…mbusds-oauth2-oidc-sdk-11.26.1

…to gitlab-integration-bom-upload-fix-mcs

dependabot Bot and others added 30 commits July 8, 2025 15:02

Merge pull request #1315 from DependencyTrack/dependabot/maven/lib.li…

5dc0d02

…quibase.version-4.33.0

Merge pull request #1314 from DependencyTrack/dependabot/maven/org.ap…

aecea73

…ache.commons-commons-lang3-3.18.0

Merge pull request #1313 from DependencyTrack/dependabot/maven/io.swa…

ba27a17

…gger.parser.v3-swagger-parser-2.1.31

Merge pull request #1317 from DependencyTrack/dependabot/maven/com.gi…

d92cc12

…thub.ben-manes.caffeine-caffeine-3.2.2

Merge pull request #1318 from DependencyTrack/dependabot/maven/lib.mi…

ce56a1f

…crometer.version-1.15.2

Restrict portfolio metrics to only include projects a user has access to

56bdca5

Signed-off-by: nscuro <[email protected]>

Remove redundant DISTINCT

491b69f

The result set doesn't contain any duplicate rows, no need to de-duplicate. Signed-off-by: nscuro <[email protected]>

Merge pull request #1316 from DependencyTrack/issue-1680-

60b4774

Merge pull request #1319 from DependencyTrack/dependabot/maven/com.go…

af1d513

…ogle.cloud.sql-postgres-socket-factory-1.25.2

Add REST API v2 foundation (#1245)

a3b16ef

Add version filter to concise project endpoints

98880ce

Various REST API v2 fixes (#1320)

b3dcff7

Merge pull request #1321 from DependencyTrack/add-project-version-fil…

a9ac1bc

…ter-concise-endpoint

Merge pull request #1322 from DependencyTrack/dependabot/maven/org.op…

8dc8b4e

…enapitools-openapi-generator-maven-plugin-7.14.0

Remove recursive parent ref from workflow states response (#1326)

1580354

Bump Kafka to 3.9.1 (#1324)

208de8c

Merge pull request #1323 from DependencyTrack/dependabot/maven/org.ap…

9241068

…ache.maven-maven-artifact-3.9.11

Enable OpenAPI breaking change detection workflow (#1327)

61bcd4a

Merge pull request #1329 from DependencyTrack/fix-bom-upload-rc

1e0fda2

dependabot Bot and others added 22 commits July 21, 2025 14:53

Merge pull request #1332 from DependencyTrack/dependabot/maven/com.za…

c773d74

…xxer-HikariCP-6.3.1

Merge pull request #1330 from DependencyTrack/dependabot/maven/io.git…

5e45f6e

…hub.ascopes-protobuf-maven-plugin-3.6.1

Merge pull request #1335 from DependencyTrack/dependabot/maven/common…

648fcc1

…s-io-commons-io-2.20.0

Merge pull request #1331 from DependencyTrack/dependabot/maven/com.fa…

18c3092

…sterxml.jackson-jackson-bom-2.19.2

Fix /api/v1/project/concise performance regression (#1333)

60f056e

Merge pull request #1334 from DependencyTrack/dependabot/maven/org.ju…

c05c2ad

…nit-junit-bom-5.13.4

Merge pull request #1336 from DependencyTrack/dependabot/github_actio…

846e194

…ns/stoplightio/spectral-action-0.8.13

Implement generic init task mechanism

73cc24d

Signed-off-by: nscuro <[email protected]>

Fix next page URL generation (#1328)

43a1293

Fix HikariCP failure to create meter registry (#1337)

aba3f80

Fix flaky testCreateMetricsPartitions test (#1338)

b08d3da

Merge pull request #1296 from DependencyTrack/init-task-abstraction

c06b427

Merge pull request #1341 from DependencyTrack/dependabot/maven/com.za…

00e379c

…xxer-HikariCP-6.3.2

Merge pull request #1340 from DependencyTrack/dependabot/maven/com.ni…

6490c38

…mbusds-oauth2-oidc-sdk-11.26.1

Use project.version to refer to submodules (#1339)

db00ad6

Merge branch 'main' of github.com:DependencyTrack/hyades-apiserver in…

318432a

…to gitlab-integration-bom-upload-fix-mcs

nscuro mentioned this pull request Jul 27, 2025

Gitlab integration DependencyTrack/hyades-apiserver#1325

Open

5 tasks

jhoward-lm approved these changes Jul 28, 2025

View reviewed changes

jhoward-lm merged commit 7dc5a45 into lmco:gitlab-integration-bom-upload Jul 28, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Resolve merge conflicts#17

Resolve merge conflicts#17
jhoward-lm merged 52 commits into
lmco:gitlab-integration-bom-uploadfrom
DependencyTrack:gitlab-integration-bom-upload-fix-mcs

nscuro commented Jul 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

nscuro commented Jul 27, 2025

Description

Addressed Issue

Additional Details

Checklist

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants