hawkbit

Author	SHA1	Message	Date
Vasil Ilchev	4b83c78618	Fix cleaner clean reference to service before call on it - chain api (#3041 ) * Fix cleaner clean reference to service before call on it - chain api Signed-off-by: vasilchev <vasil.ilchev@bosch.com> * style and comment fix Signed-off-by: vasilchev <vasil.ilchev@bosch.com> --------- Signed-off-by: vasilchev <vasil.ilchev@bosch.com>	2026-04-28 13:13:35 +03:00
dependabot[bot]	ce444f9934	Bump spring-shell.version from 4.0.0 to 4.0.2 (#3037 ) Bumps `spring-shell.version` from 4.0.0 to 4.0.2. Updates `org.springframework.shell:spring-shell-starter` from 4.0.0 to 4.0.2 - [Release notes](https://github.com/spring-projects/spring-shell/releases) - [Commits](https://github.com/spring-projects/spring-shell/compare/v4.0.0...v4.0.2) Updates `org.springframework.shell:spring-shell-jline` from 4.0.0 to 4.0.2 - [Release notes](https://github.com/spring-projects/spring-shell/releases) - [Commits](https://github.com/spring-projects/spring-shell/compare/v4.0.0...v4.0.2) --- updated-dependencies: - dependency-name: org.springframework.shell:spring-shell-starter dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.shell:spring-shell-jline dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-27 08:36:05 +03:00
github-actions[bot]	5362dbeb9a	[Release] Automated commit of .3rd-party/DEPENDENCIES changes	2026-04-27 03:29:14 +00:00
Stanislav Trailov	b63ded1b2b	Use AccessContext.actor() in getApprovalUser in default rollout approval strategy (#3036 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-24 16:20:53 +03:00
Avgustin Marinov	160576baac	Bump Spring Boot to 4.0.6 (#3034 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-24 09:01:55 +03:00
dependabot[bot]	897256a042	Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3033 ) Bumps commons-io:commons-io from 2.21.0 to 2.22.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-24 08:27:31 +03:00
dependabot[bot]	7441e87751	Bump aquasecurity/trivy-action from 0.35.0 to 0.36.0 (#3032 ) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.35.0 to 0.36.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/v0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-24 08:27:08 +03:00
clayly	2e53a66b79	Fix test assertions that depend on undefined row ordering (#3007 ) * Fix test assertions that depend on undefined row ordering Several tests use containsExactly() or index-based comparison on query results that have no ORDER BY clause. SQL does not guarantee row ordering without explicit ORDER BY, and databases like YugabyteDB return results in a different (but valid) order than PostgreSQL/H2. These tests verify set membership (correct targets assigned, correct actions stored), not ordering. Changed to order-independent assertions: - AutoAssignTest: containsExactly -> containsExactlyInAnyOrder - ControllerManagementTest: index-based loop -> containsExactlyInAnyOrderElementsOf - TargetFilterQueryManagementTest: containsExactly -> containsExactlyInAnyOrder Verified passing on H2 (default) and YugabyteDB (PostgreSQL-compatible). * Trigger ECA re-check	2026-04-21 17:21:38 +03:00
clayly	bdb87a95d9	Fix LIKE on non-String fields failing on PostgreSQL (#3008 ) * Fix LIKE on non-String fields failing on PostgreSQL-compatible databases The like() and notLike() methods in SpecificationBuilder relied on catching a Hibernate-specific CoercionException when LIKE was applied to non-String fields (e.g. bigint) with a wildcard-only value. However, with EclipseLink the invalid SQL is sent directly to the database, where PostgreSQL and compatible databases (YugabyteDB, CockroachDB) reject it with "operator does not exist: bigint ~~ text". Move the non-String field check before building the SQL predicate, making it database-agnostic and JPA-provider-agnostic. A wildcard-only LIKE on a non-String field is semantically equivalent to IS NOT NULL (and NOT LIKE to IS NULL), which is what the fallback already produced. * Trigger ECA re-check	2026-04-21 15:45:02 +03:00
dependabot[bot]	4cb5b161f1	Bump org.jsoup:jsoup from 1.22.1 to 1.22.2 (#3031 ) Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.22.1 to 1.22.2. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md) - [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.22.1...jsoup-1.22.2) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-version: 1.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-21 13:52:46 +03:00
dependabot[bot]	f6ece97b81	Bump io.github.openfeign:feign-hc5 from 13.11 to 13.12 (#3030 ) Bumps [io.github.openfeign:feign-hc5](https://github.com/openfeign/feign) from 13.11 to 13.12. - [Release notes](https://github.com/openfeign/feign/releases) - [Changelog](https://github.com/OpenFeign/feign/blob/master/CHANGELOG.md) - [Commits](https://github.com/openfeign/feign/compare/13.11...13.12) --- updated-dependencies: - dependency-name: io.github.openfeign:feign-hc5 dependency-version: '13.12' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-21 13:52:22 +03:00
Avgustin Marinov	c029c88db6	Improved AccessContext (#3029 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-21 13:51:37 +03:00
Stanislav Trailov	f2edc36e11	Add verify with Postgre (#3005 ) * Add verify with Postgre Signed-off-by: strailov <Stanislav.Trailov@bosch.io> * make them only on trigger manually Signed-off-by: strailov <Stanislav.Trailov@bosch.io> --------- Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-20 10:04:12 +03:00
dependabot[bot]	8473212f59	Bump vaadin.version from 25.1.2 to 25.1.3 (#3028 ) Bumps `vaadin.version` from 25.1.2 to 25.1.3. Updates `com.vaadin:vaadin-bom` from 25.1.2 to 25.1.3 Updates `com.vaadin:vaadin-maven-plugin` from 25.1.2 to 25.1.3 - [Release notes](https://github.com/vaadin/platform/releases) - [Commits](https://github.com/vaadin/platform/compare/25.1.2...25.1.3) --- updated-dependencies: - dependency-name: com.vaadin:vaadin-bom dependency-version: 25.1.3 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.vaadin:vaadin-maven-plugin dependency-version: 25.1.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-20 08:38:51 +03:00
Avgustin Marinov	e9aa13e68f	Improved SDK Setup - defaults (#3027 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-17 16:48:43 +03:00
dependabot[bot]	b4a171b4db	Bump io.swagger.core.v3:swagger-annotations-jakarta (#3026 ) Bumps io.swagger.core.v3:swagger-annotations-jakarta from 2.2.47 to 2.2.48. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-annotations-jakarta dependency-version: 2.2.48 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-17 08:52:29 +03:00
dependabot[bot]	311e08744e	Bump vaadin.version from 25.0.3 to 25.1.2 (#3025 ) Bumps `vaadin.version` from 25.0.3 to 25.1.2. Updates `com.vaadin:vaadin-bom` from 25.0.3 to 25.1.2 Updates `com.vaadin:vaadin-maven-plugin` from 25.0.3 to 25.1.2 - [Release notes](https://github.com/vaadin/platform/releases) - [Commits](https://github.com/vaadin/platform/compare/25.0.3...25.1.2) --- updated-dependencies: - dependency-name: com.vaadin:vaadin-bom dependency-version: 25.1.2 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.vaadin:vaadin-maven-plugin dependency-version: 25.1.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-17 08:52:03 +03:00
Avgustin Marinov	37559cdedc	Cleanup/fix jackson 2 -> 3 migration (#3024 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-16 13:29:26 +03:00
Avgustin Marinov	000dd97bbc	Bump some action versions (#3023 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-16 09:37:36 +03:00
Avgustin Marinov	82ee1cc4e6	Fix sonar findings on 21 style (#3020 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-15 16:57:10 +03:00
Avgustin Marinov	643e96b7b1	Add explicit codeql workflow (#3019 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-15 16:01:23 +03:00
Avgustin Marinov	8a078f8ee7	Fix requireJavaVersion -> 21 (#3018 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-15 15:42:05 +03:00
Avgustin Marinov	aca64df61c	Bump JDK requirements to 21 (#3017 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-15 15:17:53 +03:00
Avgustin Marinov	8015b0e3f1	Fix sonar findings (2) (#3016 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-15 14:39:28 +03:00
Avgustin Marinov	a00374f455	Fix sonar findings (#3015 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-15 13:14:31 +03:00
dependabot[bot]	0a0ab18fa2	Bump org.bouncycastle:bcpkix-jdk18on from 1.83 to 1.84 (#3013 ) Bumps [org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java) from 1.83 to 1.84. - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) --- updated-dependencies: - dependency-name: org.bouncycastle:bcpkix-jdk18on dependency-version: '1.84' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-15 09:17:13 +03:00
Avgustin Marinov	1be473b22c	[#2845 ] Bump Spring boot to 4.x (#2941 ) Notes: 1. (!) Eclipselink shall be migrated to 5.0 (in 4.0.8 there are incompatible classes, e.g EJBQueryImpl doesn't implement some newer methods). In the moment is with beta (5.0.0-B12) - JUST for testing! 2. (!) Ethlo plugin doesn't work with Eclipselink 5.0, it builds with Eclipselink 4.0.8 (could be a problem) 3. Dependencies - new starters, test starters changes, some dependencies refactoring 4. Auto-configs split - package changes, some properties classes changes 5. Spring nullable org.springframework.lang.Nullable/NonNull are depecated and replaced with jspcify -> org.jspecify.annotations.Nullable/NonNull (NullMarked) 6. Lombok config - adding lombok.addNullAnnotations=jspecify - to do not mess annotations 7. Distributed lock table changes - SP_LOCK table db migration 8. Spring Retry replaced with Spring Core Retry - does repace retry in hawkbit 9. Specifications -> added Update/Delete(/Predicate) Specifications and JpaSpecificationExecutor changed 10. HawkbitBaseRepositoryFactoryBean modified to register properly 11. Jackson - 2 -> 3, package migrations, finals are not deserialized by default(enable finals deserialization, consider make non-final), too ‘smart’ tries to set complex objects instead of using non args constructor (-> @JsonIgnore), some other default configs made Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-14 11:31:41 +03:00
dependabot[bot]	23cd368e00	Bump actions/cache from 5.0.4 to 5.0.5 (#3012 ) Bumps [actions/cache](https://github.com/actions/cache) from 5.0.4 to 5.0.5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5.0.4...v5.0.5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-14 11:01:13 +03:00
Stanislav Trailov	f6cb143283	Fix force quit actions to explicitly handle 0 active actions (#3004 ) * Fix force quit actions to explicitly handle 0 active actions Signed-off-by: strailov <Stanislav.Trailov@bosch.io> * Fix dynamic rollout behaviour when using Postgres Signed-off-by: strailov <Stanislav.Trailov@bosch.io> --------- Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-09 10:44:06 +03:00
Stanislav Trailov	f9bb49d33e	Remove table alias on SET when stopping rollouts (#3002 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-07 16:56:55 +03:00
Avgustin Marinov	dd593677fd	Fix stop rollout when using PosgreSQL (2) (#3000 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-04-07 09:59:34 +03:00
dependabot[bot]	0431936cca	Bump docker/login-action from 4.0.0 to 4.1.0 (#2994 ) Bumps [docker/login-action](https://github.com/docker/login-action) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-07 08:25:20 +03:00
Stanislav Trailov	5498a79534	Fix stop rollout when using PostgreSQL (#2996 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-07 08:23:31 +03:00
Stanislav Trailov	951a89823f	Fix/vulnerability build (#2998 ) * Fix vulnerability build Signed-off-by: strailov <Stanislav.Trailov@bosch.io> * add scans dir before scanning Signed-off-by: strailov <Stanislav.Trailov@bosch.io> --------- Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-06 19:31:34 +03:00
Stanislav Trailov	82a3cfe1f4	Fix vulnerability build (#2997 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-06 18:48:20 +03:00
Stanislav Trailov	273abebf9b	Migrate trivy scan to trivy-action (#2992 ) * Migrate trivy scan to trivy-action * Revert to hard versions approach, but not only with major ref Signed-off-by: strailov <Stanislav.Trailov@bosch.io> --------- Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-04-03 10:44:46 +03:00
Avgustin Marinov	0e13ef6e5d	Update checkmark symbol in SECURITY.md	2026-03-31 10:06:55 +03:00
Avgustin Marinov	3185468143	Add supported version for Eclipse hawkBit	2026-03-31 10:04:33 +03:00
Denislav Prinov	62c2b2e1b9	Add overview documentation image (#2988 ) Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2026-03-30 16:12:40 +03:00
Stanislav Trailov	6a1120bbd3	Try to fix dash licence tool in release pipeline (#2987 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-03-30 14:23:40 +03:00
Stanislav Trailov	e9acb301f2	fix flaky controller management test (#2986 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-03-30 11:24:17 +03:00
github-actions[bot]	7b11e80f28	[Release] Automated commit of .3rd-party/DEPENDENCIES changes	2026-03-30 07:01:23 +00:00
github-actions[bot]	ea816398ee	[Release] Automated commit of .3rd-party/DEPENDENCIES changes	2026-03-30 03:08:34 +00:00
Stanislav Trailov	ba3a08e560	Add Target Poll Event in Service Events (#2981 ) * Add Target Poll Event in Service Events Signed-off-by: strailov <Stanislav.Trailov@bosch.io> * Target poll event to service event Signed-off-by: strailov <Stanislav.Trailov@bosch.io> --------- Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-03-27 10:18:37 +02:00
Avgustin Marinov	5aafdaca6f	Bump spring to 3.5.13 (#2985 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2026-03-27 10:04:46 +02:00
dependabot[bot]	6610a94675	Bump org.springframework.ai:spring-ai-bom from 1.1.3 to 1.1.4 (#2984 ) Bumps [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) from 1.1.3 to 1.1.4. - [Release notes](https://github.com/spring-projects/spring-ai/releases) - [Commits](https://github.com/spring-projects/spring-ai/compare/v1.1.3...v1.1.4) --- updated-dependencies: - dependency-name: org.springframework.ai:spring-ai-bom dependency-version: 1.1.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-03-27 09:12:43 +02:00
Denislav Prinov	17ac0ac569	Merge pull request #2978 from boschglobal/docs-update Make app-name link to landing page and change the start page to what-…	2026-03-25 17:45:33 +02:00
Desislava Marinova	055d73c1fe	Make app-name link to landing page and change the start page to what-is-hawkbit.md	2026-03-25 17:43:15 +02:00
Stanislav Trailov	f2615fe812	Modify TargetPollEvent to be per batch update (not per target) (#2965 ) * Modify TargetPollEvent to be per batch update (not per target) Signed-off-by: strailov <Stanislav.Trailov@bosch.io> * Get use of remote event's timestame for targetPollEvent Signed-off-by: strailov <Stanislav.Trailov@bosch.io> * Revert "Get use of remote event's timestame for targetPollEvent" This reverts commit 27e3b740e2bb0b02cad1d5a6137db7928901f069. --------- Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2026-03-25 09:29:23 +02:00
dependabot[bot]	05058b9827	Bump com.rabbitmq:http-client from 5.4.0 to 5.5.0 (#2974 ) Bumps [com.rabbitmq:http-client](https://github.com/rabbitmq/hop) from 5.4.0 to 5.5.0. - [Release notes](https://github.com/rabbitmq/hop/releases) - [Commits](https://github.com/rabbitmq/hop/compare/v5.4.0...v5.5.0) --- updated-dependencies: - dependency-name: com.rabbitmq:http-client dependency-version: 5.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-03-25 08:50:55 +02:00

1 2 3 4 5 ...

4009 Commits