Bump junit from 4.13 to 4.13.1
Created by: dependabot[bot]
Bumps junit from 4.13 to 4.13.1.
Release notes
Sourced from junit's releases.
JUnit 4.13.1
Please refer to the release notes for details.
Changelog
Sourced from junit's changelog.
Summary of changes in version 4.13.1
Rules
Security fix:
TemporaryFolder
now limits access to temporary folders on Java 1.7 or laterA local information disclosure vulnerability in
TemporaryFolder
has been fixed. See the published security advisory for details.Test Runners
#1669:](junit-team/junit#1669) Make
[Pull requestFrameworkField
constructor publicPrior to this change, custom runners could make
FrameworkMethod
instances, but notFrameworkField
instances. This small change allows for both now, becauseFrameworkField
's constructor has been promoted from package-private to public.
Commits
-
1b683f4
[maven-release-plugin] prepare release r4.13.1 -
ce6ce3a
Draft 4.13.1 release notes -
c29dd82
Change version to 4.13.1-SNAPSHOT -
1d17486
Add a link to assertThrows in exception testing -
543905d
Use separate line for annotation in Javadoc -
510e906
Add sub headlines to class Javadoc -
610155b
Merge pull request from GHSA-269g-pwp5-87pp -
b6cfd1e
Explicitly wrap float parameter for consistency (#1671) -
a5d205c
Fix GitHub link in FAQ (#1672) -
3a5c6b4
Deprecated since jdk9 replacing constructor instance of Double and Float (#1660) - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.