Skip to content

chore(deps): bump io.micronaut:micronaut-http-client from 3.1.1 to 3.10.7 in /appengine-java11/micronaut-helloworld#2465

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/appengine-java11/micronaut-helloworld/io.micronaut-micronaut-http-client-3.10.7
Open

chore(deps): bump io.micronaut:micronaut-http-client from 3.1.1 to 3.10.7 in /appengine-java11/micronaut-helloworld#2465
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/appengine-java11/micronaut-helloworld/io.micronaut-micronaut-http-client-3.10.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown

Bumps io.micronaut:micronaut-http-client from 3.1.1 to 3.10.7.

Release notes

Sourced from io.micronaut:micronaut-http-client's releases.

Micronaut Core 3.10.7

🚨 Security

Full Changelog: micronaut-projects/micronaut-core@v3.10.6...v3.10.7

Micronaut Core 3.10.6

Security 👮🏻‍♂️🚨

This release contains fixes for this security advisory:

*Unbounded bundleCache in ResourceBundleMessageSource Allows Memory Exhaustion via Accept-Language Header

Full Changelog: micronaut-projects/micronaut-core@v3.10.5...v3.10.6

Micronaut Core 3.10.5

What's Changed

Other Changes 💡

Full Changelog: micronaut-projects/micronaut-core@v3.10.4...v3.10.5

Micronaut Core 3.8.15

Security 🚨

  • Add configurable HTTP client redirect limit
  • Avoid forwarding sensitive headers on cross-origin redirects
  • Update to Netty 4.1.135

Full Changelog: micronaut-projects/micronaut-core@v3.8.14...v3.8.15

Micronaut Core 3.8.14

This release contains fixes for this security advisory:

... (truncated)

Commits
  • af51e26 [skip ci] Release v3.10.7
  • 42adaa3 fix checkstyle issues
  • 64e5397 Avoid forwarding sensitive headers on cross-origin redirects
  • fb9f485 fix Add configurable HTTP client redirect limit merge
  • c06a271 Add configurable HTTP client redirect limit
  • 61c2d66 chore: Bump version to 3.10.7-SNAPSHOT
  • 324db9b [skip ci] Release v3.10.6
  • c2048ab Merge commit from fork
  • 22a924d chore: Bump version to 3.10.6-SNAPSHOT
  • df467a4 [skip ci] Release v3.10.5
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [io.micronaut:micronaut-http-client](https://github.com/micronaut-projects/micronaut-core) from 3.1.1 to 3.10.7.
- [Release notes](https://github.com/micronaut-projects/micronaut-core/releases)
- [Changelog](https://github.com/micronaut-projects/micronaut-core/blob/5.2.x/RELEASE.adoc)
- [Commits](micronaut-projects/micronaut-core@v3.1.1...v3.10.7)

---
updated-dependencies:
- dependency-name: io.micronaut:micronaut-http-client
  dependency-version: 3.10.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants