ScalaBot

mirror of https://github.com/LamGC/ScalaBot.git synced 2025-04-29 22:27:31 +00:00

Author	SHA1	Message	Date
dependabot[bot]	f188d5bfa9	build(deps): bump org.mockito:mockito-core from 5.6.0 to 5.8.0 (#111 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.6.0 to 5.8.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.6.0...v5.8.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-12-17 22:49:24 +08:00
dependabot[bot]	90c57ff9b1	build(deps): bump org.mockito:mockito-core from 5.5.0 to 5.6.0 (#100 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.5.0 to 5.6.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.5.0...v5.6.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-31 13:37:50 +08:00
dependabot[bot]	1fc386a226	build(deps): bump org.mockito:mockito-core from 5.3.1 to 5.5.0 (#83 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.3.1 to 5.5.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.3.1...v5.5.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-15 10:30:14 +08:00
dependabot[bot]	a839cc63e6	build(deps): bump org.junit.jupiter:junit-jupiter-api (#71 ) Bumps [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit5) from 5.9.3 to 5.10.0. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.3...r5.10.0) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-08-02 17:58:19 +08:00
dependabot[bot]	8be3f770bf	build(deps): bump commons-codec:commons-codec from 1.15 to 1.16.0 (#75 ) Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.15 to 1.16.0. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.15...rel/commons-codec-1.16.0) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-08-02 17:54:46 +08:00
LamGC	b1e7643b09	build(deps): 将 telegrambots 从 6.5.0 更新至 6.7.0 更新 Api 版本以支持新的 Api 改动.	2023-08-02 17:45:35 +08:00
dependabot[bot]	bdf75f1046	build(deps): bump org.junit.jupiter:junit-jupiter-api (#54 ) Bumps [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit5) from 5.9.2 to 5.9.3. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.2...r5.9.3) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-16 09:46:58 +08:00
dependabot[bot]	758e0a9f16	build(deps): bump org.mockito:mockito-core from 5.3.0 to 5.3.1 (#51 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.3.0 to 5.3.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.3.0...v5.3.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-11 14:28:55 +08:00
dependabot[bot]	5814817f3a	build(deps): bump org.mockito:mockito-core from 5.2.0 to 5.3.0 (#47 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.2.0...v5.3.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-23 23:40:48 +08:00
dependabot[bot]	2c91884db8	build(deps): bump org.mockito:mockito-core from 5.1.1 to 5.2.0 (#42 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.1.1 to 5.2.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.1.1...v5.2.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-23 21:26:44 +08:00
LamGC	6b92b7e377	build(publish): 增加 self-git Maven 仓库. 目前 Gitea 的构件仓库已经完善到基本可用的程度, 决定将 extension 和 meta 模块也一同发布到 self-git 中.	2023-02-25 17:14:03 +08:00
LamGC	375b815659	build(deps): extension 模块不再引入 Slf4j-api 依赖. 考虑到发布的频率, 决定不再为 extension 引入 slf4j-api 依赖; 不过还是建议开发者使用 Slf4j-api 打印日志, 这样可以将日志整合在一起, 方便排查问题.	2023-02-25 17:11:27 +08:00
LamGC	f26d642320	build(gradle): 将 extension 模块的构建插件改为 java-library 先前由于不了解 Gradle 的插件划分而使用了 kotlin-jvm 插件, 现在将其修正, 改用 java-library 插件.	2023-02-24 15:55:58 +08:00
dependabot[bot]	1eaed8ce6f	build(deps): bump org.mockito:mockito-core from 4.8.0 to 5.1.1 (#35 ) Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 4.8.0 to 5.1.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.8.0...v5.1.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-21 18:42:42 +08:00
dependabot[bot]	59aa83c93e	build(deps): bump org.junit.jupiter:junit-jupiter-api (#33 ) Bumps [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit5) from 5.9.0 to 5.9.2. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.0...r5.9.2) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-21 18:36:02 +08:00
LamGC	63687da0bb	build(dependencies): 更新 binary-compatibility-validator 插件(0.11.1 -> 0.13.0). 更新后插件将支持 Kotlin 1.8.10 版本.	2023-02-21 12:44:06 +08:00
LamGC	712378b3ff	build(dependencies): 更新 telegrambots 依赖项. 将 telegrambots 依赖项更新至 6.5.0, 支持新版 Api; 已确认 telegrambots 6.5.0 版本升级了jackson-databind 版本, 因此移除 jackson-databind 的显性依赖声明.	2023-02-08 10:12:33 +08:00
LamGC	961382fb56	build(dependencies): 更新 TelegramBots 依赖项的版本号. 将 TelegramBots 依赖版本升级至 6.3.0, 支持新的 Telegram Bot API.	2022-12-16 01:15:09 +08:00
LamGC	6e5cd07c51	build(dependencies): 更新依赖项版本. 更新与日志和测试有关的依赖项版本.	2022-10-25 17:18:24 +08:00
LamGC	90110335f5	fix: 更新 jackson-databind 依赖版本以缓解 CVE-2022-42004 漏洞. CVE-2022-42004 漏洞报告指出, 由于 jackson-databind 的有关错误, 导致对象序列化过程可能存在数据错误的问题, 目前 jackson-databind 已发布 2.13.4.2 版本以解决该问题, 由于引入 jackson-databind 的 telegrambots 库尚未发布针对该问题的修复版本, 故在本项目中引入新版依赖项, 以确保用户不受该问题影响. 该版本已在 TelegramBots 项目(版本 6.1.0)中进行测试, 测试通过. ------------------------------------------ https://devhub.checkmarx.com/cve-details/CVE-2022-42004/	2022-10-20 01:41:48 +08:00
LamGC	9c32d26c0d	fix(dependencies): 更新 Commons-codec 依赖项的版本. 由于目前从 TelegramBots-Abilities 引入的 Commons-codec 存在 Base 32 和 64 的编解码漏洞, 考虑到需要防范潜在的安全问题, 因此决定更新 Commons-codec 的版本号. ---------------- 参考链接： https://devhub.checkmarx.com/cve-details/Cxeb68d52e-5509/	2022-09-19 14:32:40 +08:00
LamGC	dfab6b14bd	build(compatibility): 新增 API 兼容性检查插件(尚未启用). 新增 Jetbrains 的二进制兼容性验证插件, 该插件可确保在兼容性出现更改时及时报告出来. 计划在下一次发布版本时启用.	2022-09-19 14:28:06 +08:00
LamGC	437cee499a	build(dependencies): 更新依赖项版本. 更新版本有利于维持项目安全性.	2022-09-19 01:14:31 +08:00
LamGC	2d6da7c1ae	build(test): 添加 Jacoco 插件. 给 Extension 模块添加 Jacoco 插件, 以后估计会开 Codecov 来统计测试覆盖率.	2022-08-15 01:45:22 +08:00
LamGC	673c6d8392	build: 为项目支持可重现构建. 为确保项目的使用者(无论是开发者, 还是最终用户)可以完全重现构建, 确保安全, 故调整相关配置, 以实现"可重现构建". 有关可重现构建, 可以看这个: https://reproducible-builds.org/	2022-08-06 03:23:35 +08:00
LamGC	a8a0a9576f	build(dependencies): 更新 TelegramBots 依赖项的版本 (6.0.1 -> 6.1.0) 更新版本将有利于开发者和用户使用新的功能.	2022-07-16 20:30:22 +08:00
LamGC	45244c1fb1	build: 将子项目间共用的 Plugin 声明在根项目. 根据 Gradle 建议[1], 可以将子项目中都有使用的插件, 更改到根项目中, 这么做可以让我们仅更新根项目的插件版本, 让 Gradle 自动同步子项目的插件版本. --------------------------------- [1]: https://docs.gradle.org/current/userguide/plugins.html#sec:subprojects_plugins_dsl	2022-06-22 15:02:30 +08:00
LamGC	c41aac735c	build: 更新依赖项版本. 已确定无兼容性问题.	2022-06-18 09:57:03 +08:00
LamGC	145e5a2141	build: 暂时将发布仓库迁移到 Kuku 的仓库. 由于私有仓库所在的服务器出现问题, 所以暂时将仓库改到 Kuku 的那边. 在此感谢 Kuku 提供仓库!	2022-06-07 00:25:50 +08:00
LamGC	6e59a9a5ac	build(publish): 增加构件签名过程. 增加构件 GPG 签名, 可保证构件未被修改, 增加构件可信度.	2022-05-17 19:26:26 +08:00
LamGC	a44732a7f6	build: 将 Maven 发布仓库从 Github Repo 改为自建 Nexus 仓库. 由于 Github 自建仓库在 SNAPSHOT 版本上存在问题, 故修改发布配置以转移到自建的 Nexus 仓库.	2022-05-17 19:03:58 +08:00
LamGC	8131f41313	feat(extension): 初步添加一些工具方法. 添加 AbilityBots 类, 向开发者提供一些"工具"方法, 该方法将有助于插件的功能开发.	2022-04-19 00:17:57 +08:00
LamGC	d84465ebd9	build: 更新 TelegramBots 依赖项. 更新该依赖项以支持新版本的 Telegram API. 请注意: TelegramBots 已将弃用类移除.	2022-04-18 23:56:30 +08:00
LamGC	1172caa8d7	build(extension): 更新 TelegramBots 依赖项版本. 将依赖版本更新, 无兼容性问题.	2022-03-28 23:05:10 +08:00
LamGC	804d0e3012	build(extension): 为编译指定 Java 目标版本. 指定 Java 目标版本, 以免因环境错误编译成其他的 Java 字节码版本.	2022-03-25 18:15:00 +08:00
LamGC	3d5a009c7c	build: 设置了发布小仓库的配置. 目前处于 alpha 版本, 所以构建就不发到 Maven 中央仓库了. 如需使用, 可以看 https://github.com/LamGC/maven-repository 获取引用方式.	2022-02-21 15:42:07 +08:00
LamGC	6ea36a1129	build: 更新 Slf4j-api 的版本. 更新版本以修复潜在的问题.	2022-02-21 15:38:20 +08:00
LamGC	36ab898520	build: 更新 Slf4j 和 Junit, 屏蔽扩展包的测试依赖. 更新 Slf4j (1.7.32 -> 1.7.33) 和 Junit (5.6.0 -> 5.8.2). 按版本号规范来讲, 应该不会有兼容性问题.	2022-02-15 13:37:40 +08:00
LamGC	b03af43edd	build: 打包时加入 javadoc 与 source. 扩展依赖库应该提供 Javadoc 与 Source (虽然没几行代码).	2022-01-19 14:02:55 +08:00
LamGC	37f0d4e6b8	initial: 基本完成的首个版本, 还需要调整一下. 暂时按照当初的计划实现了一个可用版本出来, 发布与否晚些再确定.	2022-01-16 20:21:18 +08:00

40 Commits