Skip to content

update copilot to 24.10.0-beta1#8638

Merged
ZheSun88 merged 1 commit intoupdate-hilla-24.10.0-beta1-1773387836from
update-copilot-24.10.0-beta1-1773391214
Mar 13, 2026
Merged

update copilot to 24.10.0-beta1#8638
ZheSun88 merged 1 commit intoupdate-hilla-24.10.0-beta1-1773387836from
update-copilot-24.10.0-beta1-1773391214

Conversation

@vaadin-bot
Copy link
Copy Markdown
Contributor

@vaadin-bot vaadin-bot commented Mar 13, 2026

No description provided.

@ZheSun88 ZheSun88 changed the base branch from 24.10 to update-hilla-24.10.0-beta1-1773387836 March 13, 2026 08:49
@ZheSun88 ZheSun88 merged commit 14445d9 into update-hilla-24.10.0-beta1-1773387836 Mar 13, 2026
1 of 5 checks passed
@ZheSun88 ZheSun88 deleted the update-copilot-24.10.0-beta1-1773391214 branch March 13, 2026 08:49
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026
edited
Loading

Dependencies Report

  • 🚫 Vulnerabilities:

    • Vulnerabilities in: pkg:npm/serialize-javascript@6.0.2 [GHSA-5c6j-r48x-rmvq] (osv-bomber)
      ·
    • Vulnerabilities in: pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.9.20 [CVE-2020-29582] (owasp)
      · cpe:2.3:a:jetbrains:kotlin::::::::
      · cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
      · cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*
      · cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:::::::*
    • Vulnerabilities in: pkg:maven/org.jetbrains.kotlin/kotlin-stdlib-common@1.9.0 [CVE-2020-29582] (owasp)
      · cpe:2.3:a:jetbrains:kotlin::::::::
      · cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
      · cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*
      · cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:::::::*
    • Vulnerabilities in: pkg:maven/org.jetbrains.kotlin/kotlin-stdlib-jdk7@1.6.20 [CVE-2020-29582] (owasp)
      · cpe:2.3:a:jetbrains:kotlin::::::::
      · cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
      · cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*
      · cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:::::::*

  • 🟠 Known Vulnerabilities:

    • Vulnerabilities in: pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.15.3 [CVE-2023-35116] (owasp)
      👌 Not a valid CVE report based on the vendor analysis and research
      · cpe:2.3:a:fasterxml:jackson-databind::::::::
    • Vulnerabilities in: pkg:maven/me.friwi/jcef-api@jcef-ca49ada%2Bcef-135.0.20%2Bge7de5c3%2Bchromium-135.0.7049.85 [CVE-2024-21639, CVE-2024-21640, CVE-2024-9410] (owasp)
      👌 Wait for the update from the jcefmaven community. Meanwhile the swing-kit is supposed to be used with fixed websites and not to browse the internet, we have a check for that, so the only possible attacker would be the same person that created the swing application, aka our customer devs. so this vulnerability is not classified by us as critical issue
      · cpe:2.3:a:chromiumembedded:chromium_embedded_framework::::::::
      · cpe:2.3:a:ada:ada::::::::

  • 📔 Found Core License Issues:

  • 🟠 Changes in 24.10-SNAPSHOT since V24.10.0-alpha2

    • 1 packages removed (1 external, 0 vaadin)
    • 1 packages added (1 external, 0 vaadin)
    • 157 packages modified (66 external, 91 vaadin)
    • 809 packages same (665 external, 144 vaadin)

[Click for more Details]

ZheSun88 added a commit that referenced this pull request Mar 13, 2026
@vaadin-bot @ZheSun88
update hilla/copilot to 24.10.0-beta1 (#8637)
fe69936 
* update hilla to 24.10.0-beta1

* update sbom list

* update copilot to 24.10.0-beta1 (#8638)

* add license

---------

Co-authored-by: Zhe Sun <31067185+ZheSun88@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vaadin-bot @ZheSun88