[DUOS-1740-dependabot]: Bump the maven-dependencies group with 10 updates

[dependabot]

Bumps the maven-dependencies group with 10 updates:

Package	From	To
com.fasterxml.jackson.core:jackson-core	2.16.0	2.16.1
com.fasterxml.jackson.core:jackson-annotations	2.16.0	2.16.1
io.sentry:sentry	7.0.0	7.1.0
org.slf4j:slf4j-api	2.0.9	2.0.10
org.eclipse.jetty.http2:http2-common	11.0.18	11.0.19
org.liquibase:liquibase-core	4.25.0	4.25.1
org.jsoup:jsoup	1.17.1	1.17.2
com.google.guava:guava	32.1.3-jre	33.0.0-jre
org.owasp:dependency-check-maven	9.0.6	9.0.7
org.apache.maven.plugins:maven-compiler-plugin	3.11.0	3.12.1

Updates com.fasterxml.jackson.core:jackson-core from 2.16.0 to 2.16.1

Commits

• 249716c [maven-release-plugin] prepare release jackson-core-2.16.1
• 125f5b2 Prepare for 2.16.1 release
• 1928b07 Minor test improvements
• aa5c887 Minor tweaking post-merge wrt #1175
• 9fb3f21 Add failing tests for #1173: parse error location (#1175)
• 4eb4539 Backport #1168 in 2.16(.1)
• 571d4ae Merge branch '2.15' into 2.16
• 8f37646 Update release notes wrt #1161 backport
• 8f2f04e fastdoubleparser 1.0.0 (#1163) (#1166)
• 7f1c619 Update release notes wrt #1161
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.16.0 to 2.16.1

Commits

• See full diff in compare view

Updates io.sentry:sentry from 7.0.0 to 7.1.0

Release notes

Sourced from io.sentry:sentry's releases.

7.1.0

Features

• Support multiple debug-metadata.properties (#3024)
• Automatically downsample transactions when the system is under load (#3072)
  • You can opt into this behaviour by setting enable-backpressure-handling=true.
  • We're happy to receive feedback, e.g. in this GitHub issue
  • When the system is under load we start reducing the tracesSampleRate automatically.
  • Once the system goes back to healthy, we reset the tracesSampleRate to its original value.
• (Android) Experimental: Provide more detailed cold app start information (#3057)
  • Attaches spans for Application, ContentProvider, and Activities to app-start timings
  • Uses Process.startUptimeMillis to calculate app-start timings
  • To enable this feature set options.isEnablePerformanceV2 = true
• Move slow+frozen frame calculation, as well as frame delay inside SentryFrameMetricsCollector (#3100)
• Extract Activity Breadcrumbs generation into own Integration (#3064)

Fixes

• Send breadcrumbs and client error in SentryOkHttpEventListener even without transactions (#3087)
• Keep io.sentry.exception.SentryHttpClientException from obfuscation to display proper issue title on Sentry (#3093)
• (Android) Fix wrong activity transaction duration in case SDK init is deferred (#3092)

Dependencies

• Bump Gradle from v8.4.0 to v8.5.0 (#3070)
  • changelog
  • diff

Changelog

Sourced from io.sentry:sentry's changelog.

7.1.0

Features

• Support multiple debug-metadata.properties (#3024)
• Automatically downsample transactions when the system is under load (#3072)
  • You can opt into this behaviour by setting enable-backpressure-handling=true.
  • We're happy to receive feedback, e.g. in this GitHub issue
  • When the system is under load we start reducing the tracesSampleRate automatically.
  • Once the system goes back to healthy, we reset the tracesSampleRate to its original value.
• (Android) Experimental: Provide more detailed cold app start information (#3057)
  • Attaches spans for Application, ContentProvider, and Activities to app-start timings
  • Application and ContentProvider timings are added using bytecode instrumentation, which requires sentry-android-gradle-plugin version 4.1.0 or newer
  • Uses Process.startUptimeMillis to calculate app-start timings
  • To enable this feature set options.isEnablePerformanceV2 = true
• Move slow+frozen frame calculation, as well as frame delay inside SentryFrameMetricsCollector (#3100)
• Extract Activity Breadcrumbs generation into own Integration (#3064)

Fixes

• Send breadcrumbs and client error in SentryOkHttpEventListener even without transactions (#3087)
• Keep io.sentry.exception.SentryHttpClientException from obfuscation to display proper issue title on Sentry (#3093)
• (Android) Fix wrong activity transaction duration in case SDK init is deferred (#3092)
• Get rid of "is not eligible for getting processed by all BeanPostProcessors" warnings in Spring Boot (#3108)

Dependencies

• Bump Gradle from v8.4.0 to v8.5.0 (#3070)
  • changelog
  • diff

Commits

• e0ea698 release: 7.1.0
• eefb169 Fix wrong txn duration in case SDK init is deferred (#3092)
• 941e097 Bump reactivecircus/android-emulator-runner from 2.28.0 to 2.29.0 (#3089)
• 8a9c60a Bump gradle/gradle-build-action from 2.10.0 to 2.11.0 (#3105)
• 50836e5 Bump actions/setup-java from 3 to 4 (#3077)
• 216275a Bump actions/upload-artifact from 3 to 4 (#3104)
• 8ccdc9b Extract Activity Breadcrumbs generation into own Integration (#3064)
• 8ff8fd0 Automatically downsample transaction when system is under load (backpressure)...
• 8d62770 Move slow+frozen frame calculation, as well as frame delay inside SentryFrame...
• 7eccfdb [Starfish] Attach app-start spans (#3057)
• Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.9 to 2.0.10

Updates org.eclipse.jetty.http2:http2-common from 11.0.18 to 11.0.19

Updates org.liquibase:liquibase-core from 4.25.0 to 4.25.1

Release notes

Sourced from org.liquibase:liquibase-core's releases.

Liquibase v4.25.1

Liquibase 4.25.1 is a patch release

[!NOTE] See the Liquibase 4.25.1 Release Notes for the complete set of release information.

Notable Changes

[PRO]

Observability: Update Reports

• These reports give you insights into the status of your database and enable you to quickly find and resolve errors in your automation pipeline. These reports can also help you detect patterns of failures that you can catch with Quality Checks or use to inform internal training and education for your teams.
• Learn more about Update Reports

Observability: Drift Report extended to diffchangelog command

• With our new HTML format, you can quickly see the differences between databases, including detailed object differences. This easy-to-read and shareable report makes it faster than ever to detect and fix database drift.
• Learn more Drift Reports

Observability: Structured Logging Enhancement

Thanks to your feedback, we’ve added a new set of keys that improves data analysis capabilities surrounding exceptions and Quality Checks. Learn more at Structured Logging

Convenience: new liquibase connect command

• A new command to test your database's url, username, and password are all configured correctly and that Liquibase can reach your database -- and no changelog required.
• Learn more liquibase connect command

Convenience: Global endDelimiters

• Global endDelimiters decrease the friction of incorporating work from different teams and save you time from the manual process of updating existing code.
• Learn more Global endDelimiters

[PRO]

Changes and Bug Fixes

• (#1417) DAT-16405: make report arguments visible on update-family commands by StevenMassaro
• (#1361) DAT-16064: Added test for exception details by wwillard7800
• (#1420) DAT-16429: Handle no license key in checks run command by wwillard7800
• (#1411) DAT-16063: include changeset identifier in log message for failing comment removal by StevenMassaro
• (#1408) DAT-15379: Updated pattern matching for 'USE DATABASE' statements by filipelautert
• (#1404) DAT-16157: do not upgrade checks file if autoUpdate is off by StevenMassaro
• (#1390) DAT-14570: add checks run results to MDC by StevenMassaro
• (#1401) DAT-16322: add liquibase connect command by StevenMassaro
• (#1398) DAT-16318: Handle rollback changes during modifyChangeSets logic by wwillard7800
• (#1389) DAT-16207: Styled update reports by abrackx
• (#1383) DAT-16136: expand TableMustHaveAComment check to check changelogs by StevenMassaro
• (#1366) DAT-15394: Generate report for diff-changelog by abrackx
• (#1387) Init checksSettingsFiles list to avoid NPE by wwillard7800
• (#1364) DAT-15404: Tweak endDelimiter name and remove hidden flag by wwillard7800

... (truncated)

Changelog

Sourced from org.liquibase:liquibase-core's changelog.

Liquibase 4.25.1 is a patch release

Notable Changes

[PRO]

Observability: Update Reports

• These reports give you insights into the status of your database and enable you to quickly find and resolve errors in your automation pipeline. These reports can also help you detect patterns of failures that you can catch with Quality Checks or use to inform internal training and education for your teams.
• Learn more about Update Reports

Observability: Drift Report extended to diffchangelog command

• With our new HTML format, you can quickly see the differences between databases, including detailed object differences. This easy-to-read and shareable report makes it faster than ever to detect and fix database drift.
• Learn more Drift Reports

Convenience: new liquibase connect command

• A new command to test your database's url, username, and password are all configured correctly and that Liquibase can reach your database -- and no changelog required.
• Learn more liquibase connect command

Convenience: Global endDelimiters

• Global endDelimiters decrease the friction of incorporating work from different teams and save you time from the manual process of updating existing code.
• Learn more Global endDelimiters

[PRO]

Changes and Bug Fixes

• (#1417) DAT-16405: make report arguments visible on update-family commands by StevenMassaro
• (#1361) DAT-16064: Added test for exception details by wwillard7800
• (#1420) DAT-16429: Handle no license key in checks run command by wwillard7800
• (#1411) DAT-16063: include changeset identifier in log message for failing comment removal by StevenMassaro
• (#1408) DAT-15379: Updated pattern matching for 'USE DATABASE' statements by filipelautert
• (#1404) DAT-16157: do not upgrade checks file if autoUpdate is off by StevenMassaro
• (#1390) DAT-14570: add checks run results to MDC by StevenMassaro
• (#1401) DAT-16322: add liquibase connect command by StevenMassaro
• (#1398) DAT-16318: Handle rollback changes during modifyChangeSets logic by wwillard7800
• (#1389) DAT-16207: Styled update reports by abrackx
• (#1383) DAT-16136: expand TableMustHaveAComment check to check changelogs by StevenMassaro
• (#1366) DAT-15394: Generate report for diff-changelog by abrackx
• (#1387) Init checksSettingsFiles list to avoid NPE by wwillard7800
• (#1364) DAT-15404: Tweak endDelimiter name and remove hidden flag by wwillard7800
• (#1351) DAT-15640: Report for updateToTag by wwillard7800
• (#5366) add duplicatedChangesets to MDC (DAT-16452) @​StevenMassaro
• (#1400) DAT-16268: Fix unexpected objects verbiage by abrackx
• (#1342) Fixes problematic V8 checksums for pro CreateFunctionChange by filipelautert

[OSS]

New Features

• (#5186) Adding exception details key and implementation DAT-16064 @​wwillard7800
• (#5323) Updated PrimaryKeyExistsPrecondition to require table name for H2 databases @​filipelautert
• (#5268) Rework update summary to support reporting, add new update report fields (DAT-16207) @​abrackx
• (#5130) Update MySQL boolean behaviour from TinyInt(1) to TinyInt @​MalloD12

... (truncated)

Commits

• d208bf9 Release notes 4.25.1 (#5399)
• 73cb2e1 DAT-16494 Revert "Implemented ability for formatted SQL changelog to have rol...
• e605cee Update create-release.yml: set draft to true (#5388)
• 13df781 fix: use full commit-sha (#5387)
• 196a97c DAT-16471 DevOps: Attach artifatcs job fail (#5370)
• 15bf699 Downgrade ubuntu tests version (#5386)
• 87cf995 Downgrade ubuntu runner images version as current one are failing (#5384)
• 4136260 use first 7 digits of commit-sha (#5379)
• 8fb86c7 DAT-13175 Full automation of OSS extension release (#5383)
• 1408747 Merge pull request #5305 from liquibase/DAT-16354
• Additional commits viewable in compare view

Updates org.jsoup:jsoup from 1.17.1 to 1.17.2

Release notes

Sourced from org.jsoup:jsoup's releases.

jsoup Java HTML Parser release 1.17.2

Improvements

• Attribute object accessors: Added Element.attribute(String) and Attributes.attribute(String) to more simply obtain an Attribute object. 2069
• Attribute source tracking: If source tracking is on, and an Attribute's key is changed ( via Attribute.setKey(String)), the source range is now still tracked in Attribute.sourceRange(). 2070
• Wildcard attribute selector: Added support for the [*] element with any attribute selector. And also restored support for selecting by an empty attribute name prefix ([^]). 2079

Bug Fixes

• Mixed-cased source position: When tracking the source position of attributes, if the source attribute name was mix-cased but the parser was lower-case normalizing attribute names, the source position for that attribute was not tracked correctly. 2067
• Source position NPE: When tracking the source position of a body fragment parse, a null pointer exception was thrown. 2068
• Multi-point emoji entity: A multi-point encoded emoji entity may be incorrectly decoded to the replacement character. 2074
• Selector sub-expressions: (Regression) in a selector like parent [attr=va], other, the , OR was binding to [attr=va] instead of parent [attr=va], causing incorrect selections. The fix includes a EvaluatorDebug class that generates a sexpr to represent the query, allowing simpler and more thorough query parse tests. 2073
• XML CData output: When generating XML-syntax output from parsed HTML, script nodes containing (pseudo) CData sections would have an extraneous CData section added, causing script execution errors. Now, the data content is emitted in a HTML/XML/XHTML polyglot format, if the data is not already within a CData section. 2078
• Thread safety: The :has evaluator held a non-thread-safe Iterator, and so if an Evaluator object was shared across multiple concurrent threads, a NoSuchElement exception may be thrown, and the selected results may be incorrect. Now, the iterator object is a thread-local. 2088

Changelog

Sourced from org.jsoup:jsoup's changelog.

1.17.2 (2023-Dec-29)

Improvements

• Attribute object accessors: Added Element.attribute(String) and Attributes.attribute(String) to more simply obtain an Attribute object. 2069
• Attribute source tracking: If source tracking is on, and an Attribute's key is changed ( via Attribute.setKey(String)), the source range is now still tracked in Attribute.sourceRange(). 2070
• Wildcard attribute selector: Added support for the [*] element with any attribute selector. And also restored support for selecting by an empty attribute name prefix ([^]). 2079

Bug Fixes

• Mixed-cased source position: When tracking the source position of attributes, if the source attribute name was mix-cased but the parser was lower-case normalizing attribute names, the source position for that attribute was not tracked correctly. 2067
• Source position NPE: When tracking the source position of a body fragment parse, a null pointer exception was thrown. 2068
• Multi-point emoji entity: A multi-point encoded emoji entity may be incorrectly decoded to the replacement character. 2074
• Selector sub-expressions: (Regression) in a selector like parent [attr=va], other, the , OR was binding to [attr=va] instead of parent [attr=va], causing incorrect selections. The fix includes a EvaluatorDebug class that generates a sexpr to represent the query, allowing simpler and more thorough query parse tests. 2073
• XML CData output: When generating XML-syntax output from parsed HTML, script nodes containing (pseudo) CData sections would have an extraneous CData section added, causing script execution errors. Now, the data content is emitted in a HTML/XML/XHTML polyglot format, if the data is not already within a CData section. 2078
• Thread safety: The :has evaluator held a non-thread-safe Iterator, and so if an Evaluator object was shared across multiple concurrent threads, a NoSuchElement exception may be thrown, and the selected results may be incorrect. Now, the iterator object is a thread-local. 2088

---

Older changes for versions 0.1.1 (2010-Jan-31) through 1.17.1 (2023-Nov-27) may be found in change-archive.txt.

Commits

• 9dec1ba [maven-release-plugin] prepare release jsoup-1.17.2
• d3a5724 Changelog for 1.17.2
• 1963a7c Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.0 to 3.12.1 (#2...
• d4b2c36 Simplify node filtering operations using Streams API (#2080)
• 78be89a Move iter into Has class
• 374ded2 Use a threadlocal to hold the NodeIterator
• 4fb1036 Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3 (#2086)
• c9ce65a Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.2 to 3.2.3 (#2085)
• 20c9162 Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.0 (#2...
• d5bc100 Corrected namespace tests
• Additional commits viewable in compare view

Updates com.google.guava:guava from 32.1.3-jre to 33.0.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.0.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.0.0-jre</version>
  <!-- or, for Android: -->
  <version>33.0.0-android</version>
</dependency>

Jar files

• 33.0.0-jre.jar
• 33.0.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.0.0-jre
• 33.0.0-android

JDiff

• 33.0.0-jre vs. 32.1.3-jre
• 33.0.0-android vs. 32.1.3-android
• 33.0.0-android vs. 33.0.0-jre

Changelog

• This version of guava-android contains some package-private methods whose signature includes the Java 8 Collector API. This is a test to identify any problems before we expose those methods publicly to users. Please report any problems that you encounter. (73dbf7ef26)
• Changed various classes to catch Exception instead of RuntimeException even when only RuntimeException is theoretically possible. This can help code that throws undeclared exceptions, as some bytecode rewriters (e.g., Robolectric) and languages (e.g., Kotlin) do. (c294c23760, 747924e, b2baf48)
• Added an Automatic-Module-Name to failureaccess, Guava's one strong runtime dependency. (280b5d2f60)
• reflect: In guava-android only, removed Invokable.getAnnotatedReturnType() and Parameter.getAnnotatedType(). These methods never worked in an Android VM, and to reflect that, they were born @Deprecated, @Beta, and @DoNotCall. They're now preventing us from rolling out some new Android compatibility testing. This is the only binary-incompatible change in this release, and it should have no effect in practice. Still, we bump the major version number to follow Semantic Versioning. (045cd8428f)
• util.concurrent: Changed our implementations to avoid eagerly initializing loggers during class loading. This can help performance, especially under Android. (4fe1df56bd)

Commits

• See full diff in compare view

Updates org.owasp:dependency-check-maven from 9.0.6 to 9.0.7

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 9.0.7

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 9.0.7 (2023-12-18)

• docs: document insecure configuration for GHSA-qqhq-8r2c-c3f5 (#6315)
• fix: improve memory usage on NVD update (#6321)
• fix: skip pyproject.toml unless it contains tool.poetry (#6316)
• fix: resolve build error that may cause an issue on some JDK versions (#6312)

See the full listing of changes.

Commits

• f7eab9f build: prepare release v9.0.7
• 60a3b38 docs: prepare release
• 1eedf4c fix: skip pyproject.toml unless it contains tool.poetry (#6316)
• 667fde1 fix: improve memory usage on NVD update (#6321)
• 8c6a97b build(deps): bump actions/github-script from 7.0.0 to 7.0.1 (#6079)
• 1fee73a docs: document insecure configuration for GHSA-qqhq-8r2c-c3f5 (#6315)
• 62ae1a1 fix: resolve build error (#6312)
• 793931a chore: add codeql back (#6311)
• b511b03 build: Release 9.0.6 (#6310)
• See full diff in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.1

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.12.1

🐛 Bug Fixes

• [MCOMPILER-567] - Fail to compile if the generated-sources/annotation… (#218) @​jorsol

📦 Dependency updates

• [MCOMPILER-568] - Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220) @​dependabot

3.12.0

🚀 New features and improvements

• [MCOMPILER-562] - Add property maven.compiler.outputDirectory to CompilerMojo (#213) @​jGauravGupta
• [MCOMPILER-381] - Refactor incremental detection (#181) @​jorsol
• [MCOMPILER-542] - Clean JDK patch version in module-info.class (#208) @​jorsol
• [MCOMPILER-558] - compileSourceRoots in testCompile should be writable (#209) @​lorenzsimon
• [MCOMPILER-559] - Warn if overwriting the project's artifact's file to a different value (#211) @​gnodet
• [MCOMPILER-550] - make outputDirectory writable (#202) @​bmarwell
• [MCOMPILER-549] - Improve log message in case of recompilation - fix jenkins build (#203) @​slawekjaranowski
• [MCOMPILER-549] - Improve log message in case of recompilation (#201) @​BrowneMonke
• [MCOMPILER-391] - Use dep mgmt when resolving annotation processors and their deps (#180) @​psiroky
• [MCOMPILER-531] - Prepare for Java 20(-ea) (#184) @​slachiewicz

🐛 Bug Fixes

• [MCOMPILER-333] - Cleanup generated source files (#214) @​jorsol
• [MCOMPILER-544] - don't add items to classpath that are not used for that (#198) @​laeubi
• [MCOMPILER-547] - : Initialize pathElements to empty (#199) @​rovarga

📦 Dependency updates

• [MCOMPILER-564] - Bump plexusCompilerVersion from 2.13.0 to 2.14.1 (#216) @​dependabot
• [MCOMPILER-557] - Upgrade maven-plugin parent to 41 - fix build (#210) @​slawekjaranowski
• [MCOMPILER-554] - Update plexus-java to 1.2.0 (#207) @​jorsol
• [MCOMPILER-551] - Upgrade Parent to 40 (#205) @​slawekjaranowski
• [MCOMPILER-541] - update maven-shared-utils to 3.4.2 (#195) @​elharo
• Bump apache/maven-gh-actions-shared from 2 to 3 (#182) @​dependabot
• Bump maven-invoker-plugin from 3.4.0 to 3.5.0 (#179) @​dependabot

👻 Maintenance

• [MCOMPILER-565] - Allow project build by Maven 4 (#217) @​slawekjaranowski
• [MCOMPILER-552] - Refresh download page (#204) @​slawekjaranowski
• Remove references to old Maven versions. (#194) @​elharo
• (doc) Drop unused and vulnerable dependency to log4j (#190) @​slachiewicz
• [MNG-6829] - Replace StringUtils#isEmpty(String) & #isNotEmpty(String) (#189) @​timtebeek
• Update plexus-utils to 3.0.24 - in its (#183) @​slachiewicz

Commits

• 736da68 [maven-release-plugin] prepare release maven-compiler-plugin-3.12.1
• ef93f3d [MCOMPILER-568] Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220)
• eb7840c [MCOMPILER-567] - Fail to compile if the "generated-sources/annotations" does...
• 2a7a73b [maven-release-plugin] prepare for next development iteration
• c08b0fd [maven-release-plugin] prepare release maven-compiler-plugin-3.12.0
• a1c5b13 [MCOMPILER-565] Allow project build by Maven 4
• 4855773 Bump plexusCompilerVersion from 2.13.0 to 2.14.1
• 1d05342 [MCOMPILER-562] Add property maven.compiler.outputDirectory to CompilerMojo (...
• ea74978 [MCOMPILER-381] - Refactor incremental detection (#181)
• fd37f09 [MCOMPILER-333] Cleanup generated source files (#214)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[rushtong]

Manually tested 👍🏽

[fboulnois]

lgtm 👍